Spam is the most
effective malware delivery vehicle, in part because systems are more secure against other attack formats, according to a study released on Tuesday by F-Secure.
Click rates for email attack
spam rose from 13.4% in the second half of 2017 to 14.2% in 2018.
And dating scams are especially popular among cyber criminals.
“Of the spam samples we’ve seen
over spring of 2018, 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites,” states Päivi Tynninen, threat intelligence researcher at
F-Secure.
Tynninen adds that “the spam we’re seeing often features a URL that directs you to a harmless site, which then redirects you to site hosting malicious content. The
extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible.”
In addition, bad actors “often attempt to avoid automatic analysis by
asking the user to enter a password featured in the body of the email to open the file,” Tynninen continues.
The study notes that cyber criminals send massive numbers of emails to snare
just a few users. It also found that:
- There is a 12% higher open probability if the email claims to come from a known individual
- A subject line free of errors increases the
spam success rate by 4.5%.
- A phishing email with an urgent call to action is less effective than one that implies urgency.
F-Secure is a cyber security firm based in
Helsinki.