Spam is forty years old, and it's still the enduring favorite of cyber criminals. What's reckoned to have been the first spam was distributed in 1978 over ARPANET. ARPANET would evolve into what we now recognize as the Internet. That email was a relatively benign marketing message, but spam has become over the last four decades the most common way of delivering malware to targets.
Researchers at F-Secure gave Silicon Republic a run-down of what they've seen so far in 2018. "Of the spam samples we’ve seen over spring of 2018, 46pc are dating scams, 23pc are emails with malicious attachments and 31pc contain links to malicious websites." They also see that spammers are more successful if they can spoof an email account: people are more likely to click a link or open an attachment if they think the email came from someone they know.
Having a typo-free, idiomatic, and grammatically correct message, especially in the subject line, also increases the likelihood that the victim will take the phishbait. And while urgency works, directly urgent appeals like "act now!" are less likely to succeed than will a call to action whose urgency is implied.
So spam isn't going anywhere. It is, after all, a form of social engineering, and so a permanent feature of the ways in which people seek to take advantage of one another. Interactive, realistic training can help an organization keep pace with the constantly evolving ways this enduring threat appears.
Silicon Republic has the story: https://www.siliconrepublic.com/enterprise/spam-cyberattacks-fsecure
Free Phishing Security Test
Did you know that 91% of successful data breaches started with a spear-phishing attack?
Cyber-attacks are rapidly getting more sophisticated. We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone™ with our free test. Did you know that KnowBe4 also supports "Vishing" where you can actually send your users simulated voice mail attacks?
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser: