The Rebirth of Spam

By:  |  Category: Blog, Security Wednesday, November 29th, 2017  |  No Comments

For a time, it seemed like spam was on the way out…until it resurfaced with a new look and attacked again with a vengeance. John Christian at The Outline wrote a post that summarizes the state of the spam assault.

In the early 2000s Bill Gates actually predicted that spam would be eradicated in a few years. At that time, a combination of legislative support, heavy prosecution and software countermeasures looked like it would make the pesky problem disappear.

In the last 10 years however, since mid-2014, phishing began to dominate the Web and still remains the No.1 network infection vector. This is important because cybercrime sees value in a ‘push’ model as the attack vector.

This graph from Osterman Research explains:


Spam has become the main outlet for online fraud and ransomware attacks, replacing marketing emails or “traditional spam,” and this has initiated tremendous criminal investment in spam techniques, including systems for harvesting, appending and sharing databases of potential victims.

Initially, spam fighters were trying to eliminate it by creating blacklists of untrusted mailservers (which still exist), however they are mostly ineffective through the criminal use of botnets.

Christian wrote: “But it’s 2017, and spam has clawed itself back from the grave. It shows up on social media and dating sites as bots hoping to lure you into downloading malware or clicking an affiliate link.

“It creeps onto your phone as text messages and robocalls that ring you five times a day about luxury cruises and fictitious tax bills. Networks associated with the buzzy new cryptocurrency system Ethereum have been plagued with spam.

“Facebook recently fought a six-month battle against a spam operation that was administering fake accounts in Bangladesh, Indonesia, Saudi Arabia, and other countries. This past November, ZDNet reported that voters were being inundated with political text messages they never signed up for.

“Apps can be horrid spam vectors, too — TechCrunch writer Jordan Crook wrote in April about how she idly downloaded an app called Gather that promptly spammed everyone in her contact list. Repeated mass data breaches that include contact information, such as the Yahoo breach in which 3 billion user accounts were exposed, surely haven’t helped.

“Meanwhile, you, me, and everyone we know is being plagued by robocalls. “There is no recourse for me,” lamented Troy Doliner, a student in Boston who gets robocalls every day. “I am harassed by a faceless entity that I cannot track down.”

Almost all of these vectors are using social engineering to manipulate the user into doing something against their own or their organization’s best interest.

Educating your users through security awareness training which addresses all the above attack vectors is mandatory for businesses today.

For more information on Cybersecurity training give EnhancedTECH a call for a complimentary consultation at 714-970-9330 or contact us at [email protected]


Source image: https://www.pexels.com/photo/gray-and-black-laptop-computer-1122156/

Leave a Comment
Read previous post:
Taking Your UC to the Cloud

It seems for most companies today, everything they utilize is hosted somewhere in a cloud instead of a data center...