Spam is still the number-one choice for cyber-criminals, 40 years after the first spam email was ever sent.
Cast your mind back to 1978, when Grease was released and The Bee Gees dominated the music charts. It’s hard to believe that the first spam email was also written and sent in this year by Gary Thuerk. The marketing manager used ARPANET, the predecessor to the modern internet, to pitch a new model of computer to hundreds of people with a single message.
Since then, spam has evolved, but many of the tricks used by cyber-criminals have remained the same. Recent research from F-Secure shows spam is still the most common method of spreading malicious URLs, scams and malware, decades after the first message was sent.
What are the most popular spam scams?
According to Päivi Tynninen, threat intelligence researcher at F-Secure, there are several popular scams doing the rounds. “Of the spam samples we’ve seen over spring of 2018, 46pc are dating scams, 23pc are emails with malicious attachments and 31pc contain links to malicious websites.”
Tynninen also noted that as systems become more secure against software exploits and vulnerabilities, spam has actually become more popular. Adam Sheehan, behavioural science lead at MWR InfoSecurity, which was acquired by F-Secure this year, said click rates are increasing, meaning the scams are becoming more difficult to detect.
MWR has identified particular tactics that play on the psychology of recipients, making campaigns more successful. If the email claims to come from a known individual, the open rate climbs by 12pc. A typo-free subject line also increases spam’s success by 4.5pc. An explicit urgent call to action gets less traction than urgency that is only implied.
New methods being used
Criminals are also using new methods to infect users who are already wise to the dangers of opening strange attachments, Tynninen said. “Rather than just using malicious attachments, the spam we’re seeing often features a URL that directs you to a harmless site, which then redirects you to a site hosting malicious content. The extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible.
“And when attachments are used, the criminals often attempt to avoid automatic analysis by asking the user to enter a password featured in the body of the email to open the file.”
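For mail filtering, the password-in-the-body tactic described above is itself a usable signal. The following is an added example, not code from the article or from F-Secure: it flags a message whose ZIP attachment has encrypted members while the body mentions a password. The function names, the keyword heuristic and the sample message are constructed assumptions.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Heuristic keyword match (an assumption; tune for your own mail flow).
PASSWORD_HINT = re.compile(r"\bpass(?:word|code|phrase)\b", re.I)

def encrypted_zip_members(data: bytes) -> list:
    """Return names of ZIP members whose header has the encryption flag (bit 0) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
    except zipfile.BadZipFile:
        return []  # not a ZIP archive, nothing to report

def password_lure_findings(raw: bytes) -> list:
    """Flag attachments that are locked archives when the body also mentions a password."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    if not PASSWORD_HINT.search(text):
        return []
    findings = []
    for part in msg.iter_attachments():
        locked = encrypted_zip_members(part.get_payload(decode=True) or b"")
        if locked:
            findings.append({"attachment": part.get_filename(), "locked_members": locked})
    return findings

def build_sample(encrypted: bool, body: str = "Open the attached file with the password 4471.") -> bytes:
    """Constructed sample message; the ZIP's encryption flag is set by patching its headers."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.txt", "constructed sample content")
    data = bytearray(buf.getvalue())
    if encrypted:
        data[6] |= 0x01                              # flag byte in the local file header
        data[data.index(b"PK\x01\x02") + 8] |= 0x01  # flag byte in the central directory
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg.set_content(body)
    msg.add_attachment(bytes(data), maintype="application", subtype="zip", filename="invoice.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(password_lure_findings(build_sample(encrypted=True)))
```

A hit is a reason to quarantine or route the message for manual review, since the archive contents cannot be scanned automatically.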