Spam remains still continues to be the most common attack vector used by cybercriminals for decades. Spam click rates increased in 2018, so far 14.2 percent of spam that delivered in the inbox are clicked, whereas in 2017 the click rate is 13.4%.
Attackers rely on a number of methods to trick the users, instead of delivering malicious content directly they redirect to a legitimate website and then to the site hosting malicious contents.
According to the F-Secure research report, the Email spam remains as the most common methods for attackers for spreadings malicious URLs and malware for more the 40 years since the original email.
Paivi says “During the past few years, it’s gained more popularity against other vectors, as systems are getting more secure against software exploits and vulnerabilities.”
With 85% of email campaigns only five file formats are used (.zZIP, .DOC, .XLS, .PDF, .7ZS). With the samples observed by F-secure 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites.
Attackers improved the success rate of spam’s campaign to 4.5% by having error-free subject line’s. Spammers also use to spoof the populated by gaints like Apple, Amazon and Microsoft.
Scammers continue to adapt with new techniques to trick user’s and make them fall as a victim. Scammers always impose limits such as “call immediately” or “Offer Valid Today only” to make you act on it immediately.
Recently a sophisticated Apple Phishing Scam notifies the user’s that their account has been limited due to unusual activity and ask’s for payment details and the site was encrypted with Advanced Encryption Standard (AES).