Spam and phishing emails can be dangerous, as they often lead to more devastating cyberattacks. However, researchers from Atlas VPN have found some common denominators among threat actors distributing spam and phishing emails, which potential targets could use to spot these emails early on and avoid more serious threats.
According to the Expel Quarterly Threat Report Q1 2022, the vast majority of malicious emails (67%) have a blank subject line. No names, no calls to action, just blank space.
While an email with a blank subject line can be treated as a “major red flag”, it’s not the only thing scammers are doing. A tenth of emails (9%) have “Fax Delivery Report” as the subject line. Other notable mentions include “Business Proposal Request”, “Request”, “Meeting”, “You have (1) New Voice Message”, “Re: Request”, “Urgent Request”, and “Order Confirmation”.
Every email with one of these subject lines (or a variation of one) should be treated as suspicious right from the get-go.
Spelling and grammar mistakes
The researchers also uncovered other ways to spot malicious emails. Most of the threat actors distributing these messages come from non-English-speaking communities, which often results in emails marred by grammar and spelling errors. The sender's email address domain should also be checked, as no legitimate organization will send out emails from public domains such as Hotmail or Gmail.
And finally, no legitimate business will ask for private or otherwise sensitive information via email. If the email received carries a link or an attachment calling on the victim to share their personal data, it’s almost certainly attempted fraud.
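The subject-line and sender-domain indicators described above can be turned into a simple mail triage check. The following is an added example, not code from the report or the researchers: the function names, the exact domain strings, the treatment of "Re:"/"Fw:" prefixes and of the voice-message count as variations, and the sample messages are all assumptions made for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Subject lines quoted in the article ("Re: Request" is covered by prefix stripping).
LISTED_SUBJECTS = {
    "fax delivery report", "business proposal request", "request", "meeting",
    "you have (1) new voice message", "urgent request", "order confirmation",
}
# The article names Hotmail and Gmail; the exact domain strings are assumptions.
PUBLIC_DOMAINS = {"hotmail.com", "gmail.com"}

def normalize_subject(subject):
    """Lower-case, collapse whitespace, drop Re:/Fw: prefixes, map any (N) to (1)."""
    s = re.sub(r"\s+", " ", subject or "").strip().lower()
    s = re.sub(r"^((re|fw|fwd)\s*:\s*)+", "", s)
    return re.sub(r"\(\d+\)", "(1)", s)

def triage(raw_message):
    """Return the list of indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    subject = normalize_subject(msg["Subject"])  # policy.default decodes RFC 2047
    if not subject:
        findings.append("blank subject")
    elif subject in LISTED_SUBJECTS:
        findings.append("listed subject: " + subject)
    address = parseaddr(str(msg["From"] or ""))[1]
    if address.rpartition("@")[2].lower() in PUBLIC_DOMAINS:
        findings.append("public sender domain")
    return findings

# Constructed sample messages (not real mail).
SAMPLES = {
    "blank": "From: Billing <billing.dept@gmail.com>\nSubject:\n\nSee attachment.\n",
    "encoded": "From: fax@corp.example\n"
               "Subject: =?utf-8?q?Re=3A_Fax_Delivery_Report?=\n\nbody\n",
    "voice": "From: vm@hotmail.com\nSubject: You have (3) New Voice Message\n\nbody\n",
    "benign": "From: alice@corp.example\nSubject: Quarterly planning notes\n\nbody\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, triage(raw))
```

A match is a reason to quarantine or review a message, not proof of fraud: exact subjects such as “Meeting” or “Request” also appear in ordinary mail.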
Due to its ease of use, low cost, and wide reach, email remains one of the most popular attack vectors for threat actors everywhere. Almost all of today’s data breaches started with the theft of sensitive data from an endpoint, done through phishing emails.