Spam still first choice for cyber crime, according to study

With spam emails being around for more than 40 years, cybercriminals have always found new ways to us them to catch victims out, having gauged “click rates rising from 13.4% in the second half of 2017 to 14.2% in 2018,” according to Adam Sheehan, Behavioral Science Lead at MWR InfoSecurity.

“Of the spam samples we’ve seen over spring of 2018, 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites,” explained Päivi Tynninen, Threat Intelligence Researcher at F-Secure.

Tynnien, along with fellow researcher Jarkko Turkulainen, discussed the matter of spam emails on a recent episode of F-Secure’s podcast, Cyber Sauna.

>See also: Overlooked email security risks and how to prevent them

Furthermore, a spam email effectiveness model devised by MWR InfoSecurity found that emails from known individuals increases the likelihood of the spam email being opened by 12%, while grammatically correct subject lines increases success rate by 4.5%, and urgency within the spam email’s call to action decreases success rate compared to seemingly less urgent messages.

MWR InfoSecurity, which was established in 2003 and acquired by F-Secure in June 2018, oversees a service dedicated to minimising the risk of phishing and other cyber attacks on businesses.

One particular circulating email scam that’s recently been reported comes in the form of messages feigning the identity of professionally emphasised social network LinkedIn, the content of which tells the receiver that their LinkedIn profile has appeared in multiple searches, followed by links that claim to provide more information, but actually direct clickers to malicious sites that are capable of breaching and stealing personal and financial information.

This scam was recently reported by national anti-fraud organisation, Action Fraud.

On the other side of the coin, however, blockchain-based email spam solution BitBounce has attempted to solve this issue through sending automated emails to anyone who sends an email to someone who has integrated the platform. This automated email asks the sender to pay a Credo token, the Cryptocurrency that’s implemented by BitBounce, unless they know the person they are sending to, in which case they can click a button that adds them to the pending receiver’s whitelist.

Users are paid in Credo whenever they allow emails from new contacts into their inbox, and businesses can attach Credo tokens to marketing emails.

>See also: How email marketing is using AI to produce the best results

Some may see this supposed solution to spam as faulty, however, due to the automated emails from BitBounce potentially becoming spam itself in the eyes of senders.

Nominations are now open for the Women in IT Awards Ireland and Women in IT Awards Silicon Valley. Nominate yourself, a colleague or someone in your network now! The Women in IT Awards Series – organised by Information Age – aims to tackle this issue and redress the gender imbalance, by showcasing the achievements of women in the sector and identifying new role models

Avatar photo

Aaron Hurst

Aaron Hurst is Information Age's senior reporter, providing news and features around the hottest trends across the tech industry.