• by Ray Schultz , July 31, 2018

Spam is the most effective malware delivery vehicle, in part because systems are more secure against other attack formats, according to a study released on Tuesday by F-Secure.

Click rates for email attack spam rose from 13.4% in the second half of 2017 to 14.2% in 2018.

And dating scams are especially popular among cyber criminals. 

 “Of the spam samples we’ve seen over spring of 2018, 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites,” states Päivi Tynninen, threat intelligence researcher at F-Secure. 

Tynninen adds that “the spam we’re seeing often features a URL that directs you to a harmless site, which then redirects you to site hosting malicious content. The extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible.”

In addition, bad actors “often attempt to avoid automatic analysis by asking the user to enter a password featured in the body of the email to open the file,” Tynninen continues.

The study notes that cyber criminals send massive numbers of emails to snare just a few users. It also found that:

• There is a 12% higher open probability if the email claims to come from a known individual
• A subject line free of errors increases the spam success rate by 4.5%.
• A phishing email with an urgent call to action is less effective than one that implies urgency.

F-Secure is a cyber security firm based in Helsinki.