July 31, 2018 |

Spam Is Still the Choice of Online Criminals, 40 Years Later

Spam is number one source of malware as criminals add a few new tricks to this classic method, new research from F-Secure and MWR InfoSecurity finds

Helsinki, Finland—July 31, 2018: Online criminals have gotten savvier but they’re still relying on the same old tricks they’ve been using for decades. F-Secure research shows spam remains the most common method of spreading malicious URLs, scams and malware more than 40 years after the first email spam was sent.* 

“Email spam is once again the most popular choice for sending out malware,” says Päivi Tynninen, Threat Intelligence Researcher at F-Secure. “Of the spam samples we’ve seen over spring of 2018, 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites.” 

Spam has been one of the main infection vectors for decades, Päivi notes. “During the past few years, it’s gained more popularity against other vectors, as systems are getting more secure against software exploits and vulnerabilities,” she says. 

The technique still relies on spewing out massive numbers of emails in order to snare a tiny number of users. And criminals continually refine their tactics to deliver to better results. 

“Spam is becoming an increasingly successful attack vector, with click rates rising from 13.4% in the second half of 2017 to 14.2% in 2018,” says Adam Sheehan, Behavioral Science Lead at MWR InfoSecurity, the creators of phisd, a service that monitors and improves businesses susceptibility to phishing and other data-related attacks. MWR was acquired by F-Secure in June of 2018. 

While spam is a numbers game, MWR’s effectiveness model has identified certain tactics that play on recipients’ psychology to make spam more potent:   

  • The probability of recipient opening an email increases 12% if the email claims to come from a known individual  
  • Having a subject line free from errors improves spam’s success rate by 4.5%  
  • A phishing email states that its call to action that is very urgent gets less traction than when the urgency is implied 

Criminals are not just relying on the content of spam to trick users. They are also using new methods to infect users who are wise to the dangers of clicking on unsolicited attachments.  

“Rather than just using malicious attachments, the spam we’re seeing often features a URL that directs you to a harmless site, which then redirects you to site hosting malicious content. The extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible,” Päivi says. “And when attachments are used, the criminals often attempt to avoid automatic analysis by asking the user to enter a password featured in the body of the email to open the file.” 

You can hear Päivi and her fellow researcher Jarkko Turkulainen discuss spam and other current cybercrime trends on the latest episode of F-Secure’s Cyber Sauna podcast. 

*https://www.npr.org/templates/story/story.php?storyId=90160617  

 

More information 

Infographic: Why Spam Tops the Menu for Online Criminals
If You See Malware, It Will Probably Be Spam 

Don’t be fooled: these companies are the most-spoofed in spam 

 

About F-Secure 

Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers. 

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd. 

f-secure.com | twitter.com/fsecure | facebook.com/f-secure

Latest Press Releases

May 29, 2020

A start button for securing cloud-based email

F-Secure Cloud Protection for Microsoft Office 365 is built to secure inboxes as businesses move to cloud-based email services.

May 22, 2020

F-Secure becomes Premier Member of The Fiber Broadband Association’s LATAM Chapter

Helsinki, Finland – May 22, 2020: Cyber security provider F-Secure has become the newest Premier Member of the LATAM chapter of the Fiber Broadband Association – the largest and only trade association in the Americas dedicated to the pursuit of an all-fiber optic network infrastructure. As a Premier Member, F-Secure will support the organization providing […]

May 13, 2020

F-Secure UK completes study on intelligent transport system security

Research highlights threats and security challenges facing the UK’s emerging driverless transportation infrastructure.

April 30, 2020

New vulnerabilities make exposed Salt hosts easy targets

“Patch by Friday or compromised by Monday,” warns F-Secure Principal Consultant Olle Segerdahl. “That’s how I’d describe the dilemma facing admins who have their Salt master hosts exposed to the internet.” Olle’s warning is a reference to new Salt vulnerabilities (CVE-2020-11651 and CVE-2020-11652) disclosed earlier today in an F-Secure Labs advisory. Salt is open-source software […]

%d bloggers like this: