Sophisticated Spammers Behind Surge in Online Attacks

Spam emails are often redirected to a junk mailbox where unwanted messages can be deleted with a couple of clicks. But when opened, these unsolicited emails can contain malicious attachments and links to phishing websites—and a new study has found it’s only getting worse.

In the past year, the number of spam emails sent surged by 400 per cent, according to the latest research by IBM’s X-Force Kassel. The Germany-based team runs one of the largest databases of honeypots and spam research.

“Nowadays, malware is more sophisticated than ever, and its delivery methods are not falling short,” wrote study co-author Limor Kessem in a blog post. She’s an executive security advisor at IBM Security.

Analyzing spam over a six-month period, the IBM research team found that nearly 44 per cent contained malicious attachments. Moreover, 85 per cent of those attachments delivered ransomware, which locks data and charges users to unlock or recover files.

The IBM X-Force Threat Intelligence Index looked into the spammers’ workweek to better understand how they operate. Turns out, they’re like most people, operating on a Monday-to-Friday schedule, with Tuesday being the most productive day for generating spam content.

They discovered that nearly a third of spam originated from India, while South America wasn’t far behind at 25 per cent. By comparison, only 7 per cent of all spam comes from Canada and the US.

“Studying the trends that move illicit spamming and the mechanisms that enable cybercrime is an essential part of threat intelligence and situational awareness for any organization,” wrote Kessem.

The research team also examined botnets capable of spreading internet spam at all hours. These botnets often act on behalf of cybergangs; Kessem called Necurs, a sophisticated botnet, “a major threat.” One of its most recent ploys was delivering fake DocuSign attachments.

“Botnets such as Necurs never sleep, and their zombie members can be programmed to spew out spam at any time of day,” Kessem said. “Botnet operators are constantly looking for new ways to circumvent spam filters and make it through to recipients’ inboxes without being blocked or their malicious attachments being disabled.”

Kessem explained that with millions of malicious emails sent every day, businesses can help keep their organizations safe from spammers and spambots by understanding their methods.