The Good News about Spam

We have good news!  The amount of spam (not the canned meat) in the world has decreased steadily over the last 10 years.  According to the 2018 Trustwave Global Security Report, spam made up 85% of all inbound email messages 10 years ago (2008).  That number increased to 87.2% in 2009.  Today, spam only makes up 39.2% of inbound email.

This decrease comes primarily from improved filtering in both email networks and client programs and services.  Most of the spam that’s sent never makes it to the intended destination.  More often than not, spam messages get filtered out before they make it to your inbox, or your email client moves it to your spam folder.

The Bad News about Spam

Besides the fact that 4 out of 10 emails is spam, what’s the bad news?  10 years ago, emails touting weight loss, various herbal remedies, and fantastic income offers flooded our inboxes on a regular basis.  These messages primarily focused on stealing money, credit card data, and any other information they could get their hands on.

Today, the Trustwave report states that spam is now rivaling the web as a delivery mechanism for dangerous malware.  Malware attacks delivered via email make use of exploits and vulnerabilities within devices to install trojans, ransomware, and other malware.  This happens on a daily basis to thousands of devices.

Gone Phishing

The increase in phishing attacks represents the biggest threat of all.  Phishing attacks trick people into handing over information unknowingly.  The trust associated with large brands makes this possible.  Emails that show up in your inbox look nearly identical to a message you would receive from a particular organization.  Some phishing campaigns are even based on legitimate messages that were sent by the company, but some of the wording may have been changed.

Common Phishing Lures

Some common phishing lures include missed shipping deliveries, fake invoices, messages about your inbox being full (it probably isn’t).  These lures can lead you to download malware unwittingly.  As a general rule, if there’s a file attached to an email that you weren’t expecting, don’t open it.

The most convincing lure of all comes in the form of a possible compromise notification.  It typically says something like, “We noticed a login from ‘pick-a-location’.  If this wasn’t you, reset your password.”  Of course, the location isn’t anywhere you’ve been, so naturally, you find yourself concerned.  You click the link, enter your old password, and create a new password.  Except you didn’t.

Where Phishing Takes You

The biggest difference comes in the destination of links in the email.  Phishing attacks always take you to an illegitimate landing page.  It will look convincingly like the actual website you thought you were going to.  However once there, whatever actions you’re taking are happening on the attacker’s website.  Did you enter your old password in order to create a new one?  Now they have your actual password (the old one).  Did you download that invoice for your records?  Mission accomplished, malware.

Protect Yourself from Spam, Malware, & Phishing

Knowing what to look for provides the best protection possible.  You can learn how to recognize phishing emails in our post, 5 Tips to Recognize Phishing Emails.  You can also benefit from having help in protecting your organization.  One of the benefits of getting IT service through Pit Crew IT Services is having IT experts that keep an eye on every aspect of your digital security.  Let us help you today.  Request a free consultation below.