​Spam is getting smarter and we’re still falling for it

Sending spam email remains the most popular means for cyber-crooks to spread malware and links to maliciouis websites.

According to an analysis of spam emails by security company F-Secure, nearly half (46 percent) are pushing dating scams, just under a third (31 percent) are links to malicious websites and just under a quarter (23 percent) have malicious attachments. Just five file types — ZIP, .DOC, .XLS, .PDF, and .7Z – make up about 85 percent of malicious attachments.

SEE: You’ve been breached: Eight steps to take within the next 48 hours (free PDF)

Päivi Tynninen, a threat intelligence researcher at F-Secure, said that although spam has been one of the main ways of spreading viruses and malware for decades, it has gained more popularity during the past few years as systems have become more secure against software exploits and vulnerabilities.

special feature

Cyberwar and the Future of Cybersecurity

Cyberwar and the Future of Cybersecurity

Today’s security threats have expanded in scope and seriousness. There can now be millions — or even billions — of dollars at risk when information security isn’t handled properly.

Read More

Crooks have also refined their techniques to deliver to better results, with click rates rising from 13.4 percent in the second half of 2017 to 14.2 percent in 2018. You are 12 percent more likely to open spam if it pretends to come from someone you know, but spelling matters: a subject line free from errors improves spam’s success rate by 4.5 percent.

The groups behind spam emails are also trying new tricks to infect users who are getting wise to the dangers of clicking on unsolicited attachments.

Rather than just using malicious attachments, spam messages will feature a URL that directs the victim to a harmless site, which then redirects them to a site hosting malicious content.

“The extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible,” said Päivi Tynninen. When attachments are used, the criminals often attempt to avoid automatic analysis by asking the user to enter a password featured in the body of the email to open the file, she added.