Are You in the 51 Percent Club?
More than forty years after the first spam email was sent, spam is still the favorite tool of crooks and criminals online. A report from security group F-Secure says that spam is the most common method used to distribute malware, phishing attacks, malicious URLs, and scams. Read on to see if you're in the 51 Percent Club, and to learn the tell-tale indicators of malicious emails and the true origin of spam...
Spam: Still Number One With Crooks
You've got software to protect your computer from viruses, spyware, ransomware, and rogue websites. You're careful to keep all your software up to date. Your identity theft spider sense tingles with every suspicious phone call. But then that innocent-looking email pops into your inbox. It appears to be from your friend, your bank, or your favorite online store.
I got one today that said “A user has just logged into your Facebook account from a Samsung S10 device. We are sending you this email to verify that it is you. Thank you, Facebook Team.” It looks very much like the actual account warnings that Facebook does send out. The subject line says “Please respond immediately.”
So you click, and you've been had. Because of the sense of urgency created by this message, one might ignore the fact that it was sent from “ebxjwwptsoqwvbbqjivcqpoduuxdur.com.au” (clearly not Facebook HQ) and that there were 50-odd sketchy addresses in the Reply-to header.
Spam is still the most effective attack vector for hackers and online criminals, according to the latest research from F-Secure. They reported that phishing, spam, and other email threats were the source of 51% of all attempted malware infections in 2020, compared to 43% last year. Hopefully you were not in the 51% Club.
Cybercriminals capitalized on fear and confusion during the Covid-19 pandemic, sending email scams offering masks from fraudulent sources, and malicious email attachments containing infostealers – malware that steals passwords and other sensitive information. Facebook, Chase Bank, Microsoft, PayPal, and Bank of America were the most frequently spoofed brands. As usual, cybercriminals are taking their cue from water -- traveling along the path of least resistance.
F-Secure says these phishing campaigns are effective because “users are already accustomed to receiving notifications... failure of delivery emails, alerts for hitting storage limits, quarantine notifications, requests for reactivation, or ‘update your password’ emails.”
As software vulnerabilities are closed and anti-malware suites grow more capable, spam becomes relatively more effective compared to hacking and exploitation of software vulnerabilities. Spam still is infinitely scalable, too; it costs nearly nothing to blast out millions of spam emails from a compromised machine, and spambot networks of thousands of slave machines are commonplace.
While success still depends on spewing out millions of spam emails to get a handful of “bites,” spammers are constantly refining their techniques and improving their batting averages.
Why Do People Click?
According to F-Secure, here are some clues as to what makes phishing spam successful:
- The probability of a recipient opening an email increases 12% if the email claims to come from a known individual
- Having a subject line free from errors improves spam’s success rate by 4.5%
- A phishing email that explicitly states in its call to action that it is very urgent gets less traction than when the urgency is implied
Most users have finally learned not to click on email attachments sent by strangers, or any attachment that comes unexpectedly. So more phishing emails include URLs instead; people are still conditioned to click on links to see where they go, especially if the link says “click on this link...”
The link often does not lead directly to a malicious site, but to an innocuous site that redirects traffic to a malicious site. That way, the bad guy avoids detection by automated analysis software that previews links and compares them to known malicious URLs.
A BIT OF HISTORY: I mentioned in the opening of this article that the first spam message was sent over 40 years ago. That happened in May 1978 when a marketing executive for Digital Equipment Corporation sent an unsolicited email to 397 ARPAnet addresses, with an invitation to a product demonstration. The term "spam" was not applied to unsolicited messages until April 1993, and according to Wikipedia, is thought to derive from a Monty Python comedy sketch "in which a group of Vikings sing SPAM, SPAM, SPAM... at increasing volumes." It was adopted to refer to "unsolicited commercial electronic mail sent to a large number of addresses, in what was seen as drowning out normal communication on the internet." So now you know.
F-Secure includes tips for security-conscious people in its security blog. Some recent topics include ransomware, stalkerware, and account takeover. The article on Effective Spam Trends predicts that the use of pandemic-related information as a lure, using office documents as an infection vector, and the use of cloud services to host malicious content, will likely continue in 2021.
The good news is that with education and software, we have eliminated or limited many malware attack options, leaving attackers to fall back on spam. The bad news is that spam still works. My best advice: Think twice before you click.
Your thoughts on this topic are welcome. Post your comment or question below…
This article was posted by Bob Rankin on 29 Jan 2021
Article information: AskBobRankin -- Are You in the 51 Percent Club? (Posted: 29 Jan 2021)
Source: https://askbobrankin.com/are_you_in_the_51_percent_club.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Are You in the 51 Percent Club?"
(See all 22 comments for this article.)
Posted by:
MartinW
29 Jan 2021
I ALWAYS check the return address now, go directly to the site (firm, person, whatever), and so on. At least 15 years ago (maybe 20, maybe ?) when I was young(er) and more gullible, I got an email sending me vacation pictures from a rather distant "relative". (I have many.) You guessed it. They shanghaied my email to send spam. So I'm a member of the club.
Posted by:
JOHN KWARCINSKI
29 Jan 2021
Is it helpful to send the phishing email to the company that it says it is? For example: I got a phishing email today saying I need to upgrade my Xfinity for security reasons .... click here. I usually copy the "phony" email and send it to, in this case ....... abuse@comcast.net
Are the security people able to use the information in the email to track down and stop the spammers? Or am I just wasting my time?
Posted by:
sky
29 Jan 2021
Every day is too much.
Cheers,
sky
Posted by:
Jene
29 Jan 2021
Your site includes a captive popup to "Click on allow to subscribe to notifications." This sure looks like a bogus link. These captive popups, popups that can not be dismissed, are becoming much more common. Shame on you!
Posted by:
gene
29 Jan 2021
It is SO easy to avoid these. First, most should be in your spam folder, but those that are not, well, just hover your cursor on the address - it will look like what Bob highlighted above, NOT who it claims to be from. No reputable company EVER asks you for login information in an email. This isn't rocket science. If you've a loved one who falls for such things, it may be time to consider monitoring their online time.
Posted by:
Doc
29 Jan 2021
JOHN KWARCINSKI -- They need the FULL e-mail, including headers, to do anything. In Yahoo you can open (I think it says 'view raw message') the header that has ALL the data they need to track the e-mail back to its source. (You read it from BOTTOM TO TOP - meaning that the origin is at the bottom, and the destination is at the top.) It generally has the IP addresses of EVERY computer it passes through and that helps Comcast in this case trace the e-mail back to its originating computer. You might try to FORWARD the e-mail to Comcast rather than just copy it.
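The header checks the article mentions (sender domain, a crowded Reply-To) and the bottom-to-top reading of the Received lines described in the comment above, as an added Python example that is not part of the original article or comments. The message, domains and IP addresses are constructed, and `facebook.com` as the expected sender domain is an assumption.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample message: reserved .example/.test names and
# documentation-range IPs (RFC 5737). This is not real mail.
RAW = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby inbox.recipient.example; Fri, 29 Jan 2021 10:00:05 -0500
Received: from relay.transit.example (relay.transit.example [198.51.100.7])
\tby mx.recipient.example; Fri, 29 Jan 2021 10:00:03 -0500
Received: from [203.0.113.45] (unknown [203.0.113.45])
\tby relay.transit.example; Fri, 29 Jan 2021 10:00:01 -0500
From: "Facebook Team" <security@random-letters.test>
Reply-To: a@one.test, b@two.test, c@three.test
Subject: Please respond immediately

A user has just logged into your account.
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def relay_ips(msg):
    """Bracketed IPs from the Received chain, origin first.

    Each server prepends its own Received line, so the newest hop is at the
    top and the claimed origin at the bottom. Lines added before the message
    reached a server you trust can be forged by the sender.
    """
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        match = IP_RE.search(header)
        hops.append(match.group(1) if match else None)
    return hops


def triage(raw, brand_domain):
    """Summarise the header signals a reader or abuse desk would look at."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    reply_to = getaddresses(msg.get_all("Reply-To", []))
    return {
        "from_domain": from_domain,
        # The display name ("Facebook Team") is free text; only the domain counts.
        "from_matches_brand": from_domain == brand_domain
        or from_domain.endswith("." + brand_domain),
        "reply_to_count": len(reply_to),
        "hops_origin_first": relay_ips(msg),
    }


if __name__ == "__main__":
    for key, value in triage(RAW, "facebook.com").items():
        print(f"{key}: {value}")
```
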
Posted by:
thenudehamster
29 Jan 2021
The fraudsters are getting - smarter - isn't the best word to use, but their efforts are looking more and more like the real thing; they're spelled correctly, the grammar is correct, making it a little more difficult to detect them. I had one today purporting to be a delivery notification from one of my regular electronic supply houses - and it looked pretty good - except that it was for something I'd never order, charged to a non-existent credit card - and my last order was a year ago. Even the originating address in the email looked plausible until I checked the company's CS email. Still, if it turns out to be a mistake, I'll get some bits and pieces I never ordered, and don't need - then I'll contact the company. Come to think of it, I'll still drop them a line to let them know about somebody taking their name in vain.
Posted by:
Robert A.
29 Jan 2021
A lot of scammer spammers use logos of big tech companies, i.e. Microsoft, Amazon, Xfinity, Norton-Lifelock, Google, etc., to scam recipients into believing the email is from the real company. All they do is a search for the corporate logo of their choice, and paste it into their message to fool a gullible reader.
Also, many scammers use the names of several nationally-known banks to announce that they have received a charge for some particular high-priced merchandise, and ask the recipient to call a phone number to verify the faux purchase, hoping it may be a bank that the recipient has an account with. I've received several from one of those well-known banks, which I know is a fraud, as they do not have any brick-and-mortar presence in my neck of the woods, nor do I have any accounts with that bank.
Posted by:
Brian B
29 Jan 2021
It is so easy to contact the alleged originator of the email and check with them whether they actually sent it.
Posted by:
bob
29 Jan 2021
Might I suggest that you have a look at DuckDuckGo as a replacement search engine for Google/Bing/ etc. It has saved my life a number of times !!!
Posted by:
Sandy Jewell
30 Jan 2021
I have been receiving spam emails addressed to my first name, repeated and .com. They must be going to every Sandy in the world. So many of them coming in to my 'spare' gmail email. I thought gmail filtered these out.
Posted by:
James Tracy
30 Jan 2021
In regards to the email about pop-ups. They are not on my computer. When I open my mail and click on Bob, I get the series of swirling dots where the pic should be. Either your browser settings are not set right or you are using a google (ugggh) browser. Try firefox. It stops ALL pop-ups.
Posted by:
Orville S.
30 Jan 2021
I got one yesterday from President Biden asking if I would be willing to serve in his cabinet as Secretary of Computer Technology. You bet I jumped on that one real fast. I start work next week.
Posted by:
ken McInnes
30 Jan 2021
I have several spoof @ addresses..if I get a paypal bill-- (ie) that is not sent from paypal.. I forward the email to paypal..(or costco or spectrum--ie spoof@costco.com) --then I delete the initial email and usually, the offended party: paypal--costco.--etc. responds to me to beware that email... I check the source of the sending email...if it says paypal.com then it is probably legitimate but if it says adpromoters.com--it is most likely a spoof email.
Posted by:
Walter
30 Jan 2021
Most important: hover your arrow icon over the sender. If that little window that pops up does not show the same address as from the purported sender do not click. Even the "unsubscribe" will put you in a bad place. And African princes or Bill Gates never want to send you money.
Posted by:
hifi5000
30 Jan 2021
I received an e-mail message from a film organization that I have belonged to for years. They were asking for a renewal from me, but when I looked at the address it came from, I got suspicious. The organization's address ended in .com instead of .org.
All the information provided looked legit, but the .com ending didn't look right to me. I did not respond to it. It might have been an error on the sender's part, but I wasn't going to take a chance.
Posted by:
Kenny D
30 Jan 2021
White characters on the light blue background in the comment section are hard on my eyes.
Posted by:
Pete
31 Jan 2021
I laugh when people mention a spam e-mail. I have an old email address that I don't use anymore. When I started using the internet, I didn't know better and signed up for anything and actually opened spam. I think last count that email account had about 75,000 spam messages in it.
Someone mentioned a notification request on here. I'm guessing that is the one legit thing happening. I just tell it "Later" as there was not an option for never. If I felt I needed notifications daily, I'd say yes and believe it to be fine. With security I have, (mainly my own suspicion and working with other people's computers and seeing millions of the most annoying malware/adware/spyware), I have a fairly good sense. Even with that experience, I've been either tired or dumb enough on a given day to forget to uncheck a box someplace and inadvertently have a new program. However, I notice immediately, I check my task manager every few hours (I know. Seems too much but actually, once you get accustomed to what usually shows up there, it is actually fairly easy to spot a 'unique' player in town.) Often it is from a legit program that added a different kind of self-updater or something. Personally, I even turn those off at startup unless I want them to update. I'm on a Mac but do the same thing if I ever go over to the Microsoft Windows machine. Actually, I purchased a gaming desktop a year ago and haven't hooked it up yet because I know I'm going to be ticked with the junk Microsoft loves to put in their OS these days, which I actually consider Windows 10 the biggest Adware/spyware in itself these days. Microsoft lovers will have to admit the same thing if they are honest with themselves. Do a Netstat in command line or ask yourself how they can have a 'recommended apps' function and such. There are ways to turn off the myriad junk that communicates with the net on Win 10 but Microsoft has made it tough to turn off regular updates so the next time a big one comes through, the settings I like are miraculously changed back to their defaults. I won't go into those settings because, like I said, they figured out a way to stay in control. Hmm.
I was going to mention something political but I shall restrain myself as somehow there are people who will find a way to 'logically' argue for the direction the world is 'advancing.' Moderator, if you feel that needs to be edited out, I will not feel offended. : )
I thought of something. Actually, Microsoft users, please don't be offended. I have now finally come to the conclusion that all the major OS are doing or moving towards the same thing. The cool thing, on my Mac, I have avoided updates for about 6 months without having to 'mess with the OS.' However, I'm completely tied into their App Store. I also realize that by avoiding their updates I'm partially opening myself to other threats. Makes me chuckle. It's really that the true enemy built my house and gave themself a key to get in whenever they want. If I play nice they won't burn my place down. [ Horrific analogy but.... smile, we're taken care of, right? : ) ] Android, Chrome OS all doing the same thing. In fact, I'm starting to trust Microsoft more than Google and Apple because as far as I know, they don't try to destroy competition that pops up on the scene and they don't hand over information to the Government as willy-nilly as Google. It's my own fault for liking Google products knowing that "Free" is absolutely never free! Never in the tech world anyway from what I've seen through the small history I've lived. Ok. Off my soap box. Need to breathe. Next step, but dreading the amount of things I'll need to change, go completely to Linux/ Open Source. Even two years ago, I'd agree my choice to do so entailed a little paranoia. These days, if you read enough, you know it is possible that a day will come when our words will be used against us. Already, I was stopped from sending a supposedly 'secure message' in Facebook Messenger. I know. Why would I ever assume within that 'Free' social platform things would ever be truly secure? Granted, I'm nearly 100% sure it was not a human involved; just a bot doing its job of altering reality for the benefit of its owner in the big tech world, which has somehow become ok or at least not raised enough eyebrows to actually be stopped.
I know or believe being on Facebook is like handing all my personal information over to a foreign entity, but the service is so easy to use, interesting, lets me connect with old friends and I don't have the energy to change it seems. Hmmm.
If you need to shorten this or edit it, I completely understand. Went from spam to something else I guess.
Kenny D. you can change the browser font color in your browser settings most likely. Mine shows black font on blue background.
Posted by:
kevin
31 Jan 2021
Sometimes, the opposite is the case:
I often receive email that my own checking later determines was truly sent by the company it purports to be from but that I had initially suspected was spam (or worse). This is because the sender's address, or the link in the email, contained nothing remotely resembling the name of the company. It often has the brief name (or acronym) of some intermediary marketing service (which may include buzzwords like "Click" or "Track") followed by a very long string of random-looking characters. Legitimate companies surely want us to trust the sender and respond to their email, right? So why do they out-source the handling of their online correspondence to cryptically-named middlemen who neglect to construct their email addresses (and especially their URL links) in a way that reflects the fact that they truly are related to their client? If they did, the cautious recipient of the email would then need to check only that the URL really does point to the destination it appears to (in the status bar as you hover your mouse pointer over the link).
One warning for those who may not know:
In any URL, the “real” site is revealed by what comes between the second-to-last dot and the first single slash (or the end if there is none). A URL always begins with the part that says https:// (and then maybe www.) But if it then goes on to show something like "microsoft.login.com.x.com", it will not take you to any Microsoft site. It will go instead to x.com!
Likewise, if you see the following in the URL:
citibank.com.login.promo.scammer.ru/fake_but_real-looking_citibank_page.htm
...then clicking that link will load this page:
scammer.ru/fake_but_real-looking_citibank_page.htm
Any amount of additional text or random-looking strings can be inserted anywhere by the scammer to distract you (or to hide the revealing part of the URL by making it run off your screen and get truncated).
More details here:
https://www.digitalcheck.com/how-to-spot-phishing-scams/
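The hostname reading described in the comment above, as an added Python example that is not part of the original comment. It goes one step beyond the two-label rule by also handling suffixes such as `.com.au`, where the owning domain is three labels long; the suffix set and the `example.com.au` URL are constructed for the demo.

```python
from urllib.parse import urlsplit

# Assumption: a hand-picked sample of multi-label public suffixes for this demo.
# Real code should consult the full Public Suffix List (publicsuffix.org).
MULTI_LABEL_SUFFIXES = {"com.au", "co.uk", "com.br", "co.jp"}


def hostname(url: str) -> str:
    """Host part of a URL, lower-cased; tolerates links pasted without a scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def registrable_domain(url: str) -> str:
    """The domain that owns the host: the public suffix plus one label to its left."""
    labels = hostname(url).split(".")
    keep = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def brand_in_wrong_place(url: str, brand_domain: str) -> bool:
    """True when the brand name appears as a host label but another domain owns the host."""
    brand_label = brand_domain.lower().split(".")[0]
    return (brand_label in hostname(url).split(".")
            and registrable_domain(url) != brand_domain.lower())


if __name__ == "__main__":
    samples = [
        # The two URLs quoted in the comment above.
        ("https://microsoft.login.com.x.com", "microsoft.com"),
        ("citibank.com.login.promo.scammer.ru/fake_but_real-looking_citibank_page.htm",
         "citibank.com"),
        # Constructed URLs: a genuine brand host and a three-label registrable domain.
        ("https://www.citibank.com/login", "citibank.com"),
        ("https://login.example.com.au/account", "example.com.au"),
    ]
    for url, brand in samples:
        print(f"{registrable_domain(url):18} suspicious={brand_in_wrong_place(url, brand)}  {url}")
```
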
Posted by:
Jonathan
31 Jan 2021
PC Matic and Google mail seem to handle all the weird and wonderful spam that is sent my way.
Do people still believe that they are being contacted by an African princess who needs them to help her send millions of dollars out of the country?
We get far more bogus telephone calls these days than emails. We have phone numbers in the UK and USA and over 90% of them are American. It is something that needs to be dealt with.
There are pretty odd results - I recently had a legitimate phone call from my doctor's surgery and was more than a little abrupt with the caller - luckily she had also been suffering from bogus calls and we had a good laugh at the situation.
Can I add that even if the call is from a legitimate supplier there can be problems when giving card information. We had £6500 extracted from two cards by an ASDA (Walmart) employee a few years ago and had to be (eventually) compensated by our bank and credit card company. After many years we still await the courtesy of an email or returned telephone call from ASDA.
Be careful, it's better to appear over cautious than skint.