Spam the most important source of malware after 40 years

Spam remains, even after forty years, still the most chosen method of attack for cyber criminals. Recent research shows that spam remains the most important method for distributing malicious URLs, scams and other malware.

Cybercriminals work smarter and add new tactics to this classic method. As a result, recipients are more likely to drop into spam mails. In the second half of 2017, 13.4% clicked on spam messages, while that percentage is already 14.2 in 2018.

Spam is still the most popular method to send malware into the world, ” said Päivi Tynninen, threat intelligence researcher at F-Secure. “ Of the spam samples we examined in the spring of 2018, 46% consisted of dating cams and 23% e-mail messages with malicious attachments, and 31% of the messages contained links to malicious websites.

Spam is King

Spam has been one of the most important sources of infection for decades, according to Tynninen. In recent years, spam has even gained popularity compared to other methods. The reason for this is that security against exploits has improved because more security leaks are being closed.

That spamming evolves into an increasingly successful attack technique is apparent from the click percentages . “ These rose from 13.4% in the second half of 2017 to 14.2% in 2018,” says Adam Sheehan, behavioral science lead at MWR InfoSecurity. The company behind phisd, a service that helps organizations detect and reduce phishing and other data-related attacks.

New spam tactics

A new trick that makes spam more effective is responding to the psychology of the recipient. Although spam is mainly volume, MWR InfoSecurity identifies a number of specific tactics that increase the chance of success at the receiver. These tactics are:

  1. The probability that a recipient opens an e-mail message increases by 12% if the message comes from a known person.
  2. A subject line without errors increases the chances of success by 4.5%.
  3. Phishing e-mails with a call to action suggesting urgency is more effective.

Haasje-over trick

In addition, cybercriminals are increasingly using new methods to infect users who deliberately do not click attachments in unsolicited messages. “We notice that many spam messages contain a link that redirects you to an innocent website, which you then forward to a website with malicious content. This form of leapfrog is a trick to circumvent detection and ensure that the malicious code can be hosted as long as possible “, says Tynninen.

Päivi Tynninen and her co-researcher Jarkko Turkulainen discuss spam and other trends in the field of cybercrime in the latest edition of the Cyber ​​Sauna podcast by F-Secure.