By Charles Miller
Perhaps you have noticed as I have that in 2012-2013 there was a marked decrease in the number of spam arriving in your email inbox. The reprieve from wearing the letters off my [Delete] key seems to have come to an end in recent months and now I am finding more unwanted spam infiltrating all my email addresses.
The practice is known as “phishing” when crooks and con artist broadcast millions of spam emails hoping that some gullible computer users will fall for their scam. Campaigns are constantly evolving and crooks improving their technical sophistication so that they can fool even some tech-savvy users. It can be too easy to fall for one of these scams unless you stay vigilant.
According to researchers at Websense there has been a significant change in the source of phishing attacks and spam email. By rank, the top ten countries hosting cybercriminals are China, USA, Germany, United Kingdom, Canada, Russia, France, Hong Kong, Netherlands, and Brazil. The most interesting statistic is that one year ago China was not even on the list and now occupies the number one spot! Russia has also moved way up in the rankings. Conspicuous by its absence from the list is Nigeria; in fact one investigation has shown that almost all the “Nigerian” bank scams physically originated from Europe.
When cybercriminals go phishing, this is usually a contact with you through social media web sites or direct email. In either case they attempt to lure potential victims to click on links that download malicious code into their computer system. Another attack vector may impersonate reputable firms such as banks, electronic fund transfer services or retail stores; in this case the link can take the unsuspecting victim to a replica (fake) but authentic-looking web site. Once connected to the fake web site, the crooks attempt to make consumers input personal details such as banking credentials, passwords Social Security number, etc. Victims dumb enough to give up this information to the criminals have been known to have their investment accounts emptied within seconds.
If they take time to look at the contents of their inbox, many potential victims find that the words used in the subject line are a clue as to the enclosed scam. The words you are likely to see are Urgent, Alert, Save, Sale, Reduced, Free, New, Credit, Singles, Traffic Ticket or Arrest Warrant. The subject line is intended to imply importance or evoke some sense of urgency. One of my fellow professionals, an IT tech, enjoys playing around by sending his personal emails to me with subject lines such as: “Increase your bedroom power” or “Unclaimed IRS tax refund.”
Many email users report still receiving fewer spam emails than in years past, but according to some researchers this is not necessarily good news as campaigns are now far more sophisticated and targeted as criminals are able to access and use personal information about you found on your Facebook page and other social networking sites. According to the researchers, many phishing crooks are sending spam in lower volumes but much more targeted. Using information found online about you, they carefully construct emails calculated to yield maximum success. This information does appear to be accurate and would account for the large volume of Spanish-language spam I have been seeing in my inbox lately.
Lastly, I just have to roll my eyes when anyone tells me they will never be fooled because they only open email from people they know. They do not realize the cybercriminals know about this, and they also know who you friended on Facebook and will make sure that any scam they target on you will come with a return address on it that belongs to somebody you know and trust.
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 044-415-101-8528 or email FAQ8 (at) SMAguru.com.