December 11, 2018 |

Online shoppers more vulnerable to spam as the holidays inch closer

Research from F-Secure warns holiday shoppers of malicious emails disguised as delivery notifications

Helsinki, Finland – December 11, 2018: New research from cyber security provider F-Secure points to spam as an attack vector to watch out for this holiday season. Spam campaigns disguised as delivery notifications or online shopping invoices have been popular with cyber criminals all year long, and researchers say these tactics can prove even more effective around the holidays.

F-Secure’s research points to spam as the most common method for cyber criminals to spread malware in 2018, accounting for 9 out of every 10 infection attempts throughout the year. Roughly 69 percent of spam campaigns attempted to trick users into visiting malicious URLs and download a malware-laden file or commit another action that results in an infection. Malicious attachments were used in the remaining 31 percent of campaigns.

These spam campaigns often use emails spoofing delivery notifications or online purchase invoices to trick users into clicking their malicious links. It’s a tactic that F-Secure Behavioral Science Lead Adam Sheehan says is more effective around the holidays.

“The kind of spam that criminals use doesn’t seem so spammy to a lot of people this time of year. More people are just more open to the commercial messages spammers like to spoof, which makes individuals more vulnerable at home and at work,” said Sheehan. “Tests we performed using simulated Black Friday and Cyber Monday phishing emails saw about 39 percent more people click than similar tactics we use at other times during the year, which isn’t a trend we like to see.”

F-Secure’s research has both good and bad news. Additional highlights include:

  • Downloaders/bots/backdoors account for 52 percent of malware delivered through spam, followed by banking trojans (42 percent) and then ransomware (6 percent)
  • The Emotet, Trickbot, and Panda banking trojans are the most frequently seen malware families delivered through spam
  • The majority of observed spam campaigns target users in the US, EU, Canada, and Japan
  • The number of active exploit kits declined from 6 in 2017 to 4 in 2018, and has decreased by 87 percent since 2013

But while the news is a mix of good and bad, F-Secure Researcher Patricia Revilla-Dacuno warns that trends only tell part of the story.

“It’s true that we see less ransomware as the main payload in these spam emails, but it’s still frequently delivered as a follow-up payload by backdoors or bots. Infection chains are becoming more complicated and the Emotet banking trojan, which is fairly common, has evolved into a credential stealer and downloader, and now used in different ways for a variety of schemes,” said Revilla-Dacuno. “A couple of years ago we could have confidently pointed to ransomware as the big issue, but now there’s more of a variety of threats to watch out for.”

More information
F-Secure Blog: Failed delivery spam and other naughty things to watch out for this holiday season

About F-Secure
Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com twitter.com/fsecure | facebook.com/f-secure

F-Secure media relations
Adam Pilkey
+358 40 637 8859

Latest Press Releases

September 12, 2019

Attacks using IoT devices and Windows SMB escalate in 2019

F-Secure’s global honeynet measured twelve times more attack events in H1 2019 than in H1 last year.

September 5, 2019

F-Secure Countercept continues to win trust from US enterprises

F-Secure Countercept, an award-winning managed detection and response (MDR) solution from cyber security provider F-Secure, has won the trust of another US-based enterprise in a new deal.

August 30, 2019

F-Secure joins Broadband Forum to help shape Connected Home security standards

F-Secure will contribute to the industry standardization work in the hope that the growing momentum around Connected Home and improved Home Broadband Experience is enhanced with suitable security and privacy forethought

August 9, 2019

Serious security issue in F5’s BIG-IP could lead to cyber breaches en masse

F-Secure security consultant Christoffer Jerkeby discovers security flaw with the potential to turn hundreds of thousands of load balancers into beachheads for cyber attacks

%d bloggers like this: