Thanks for signing up, a member of the Global PR team will be in touch with you shortly.
F-Secure’s research points to spam as the most common method for cyber criminals to spread malware in 2018, accounting for 9 out of every 10 infection attempts throughout the year. Roughly 69 percent of spam campaigns attempted to trick users into visiting malicious URLs and download a malware-laden file or commit another action that results in an infection. Malicious attachments were used in the remaining 31 percent of campaigns.
These spam campaigns often use emails spoofing delivery notifications or online purchase invoices to trick users into clicking their malicious links. It’s a tactic that F-Secure Behavioral Science Lead Adam Sheehan says is more effective around the holidays.
“The kind of spam that criminals use doesn’t seem so spammy to a lot of people this time of year. More people are just more open to the commercial messages spammers like to spoof, which makes individuals more vulnerable at home and at work,” said Sheehan. “Tests we performed using simulated Black Friday and Cyber Monday phishing emails saw about 39 percent more people click than similar tactics we use at other times during the year, which isn’t a trend we like to see.”
F-Secure’s research has both good and bad news. Additional highlights include:
“It’s true that we see less ransomware as the main payload in these spam emails, but it’s still frequently delivered as a follow-up payload by backdoors or bots. Infection chains are becoming more complicated and the Emotet banking trojan, which is fairly common, has evolved into a credential stealer and downloader, and now used in different ways for a variety of schemes,” said Revilla-Dacuno. “A couple of years ago we could have confidently pointed to ransomware as the big issue, but now there’s more of a variety of threats to watch out for.”
More information F-Secure Blog: Failed delivery spam and other naughty things to watch out for this holiday season
Nobody has better visibility into real-life cyber attacks than F-Secure. We’re closing the gap between detection and response, utilizing hundreds of our industry’s best technical consultants, millions of devices running our award-winning software, and ceaseless innovations in artificial intelligence. Top banks and enterprises trust our commitment to beating the world’s most potent threats. Together with our network of the top channel partners and over 200 service providers, we’re on a mission to make sure everyone has the enterprise-grade cyber security we all need.
Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.
Sign up for media information from F-Secure.
Browse through our news by year.
Browse through our news by category.