Spam and phishing emails (opens in new tab) can be dangerous, as they often lead to more devastating cyberattacks. However researchers from Atlas VPN have found some common denominators for threat actors distributing spam and phishing emails, which targets could use to spot these emails early on and avoid more serious threats.
According to the Expel Quarterly Threat Report Q1 2022, the vast majority of malicious (opens in new tab) emails (67%) have a blank subject line. No names, no calls to action, just blank space.
While getting an email with a blank subject line can be treated as a “major red flag”, it’s not the only thing scammers are doing. A tenth of emails (9%) have “Fax Delivery Report” for the subject line, as well. Other notable mentions include “Business Proposal Request”, “Request”, “Meeting”, “You have (1) New Voice Message”, “Re: Request”, “Urgent Request”, and “Order Confirmation”.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
Spelling and grammar mistakes
Every email with one of these (or a variation of) should be treated as suspicious, right from the get-go.
There are other ways to spot malicious emails, as well, researchers further uncovered. Most of the threat actors distributing these messages come from non-English speaking communities, oftentimes resulting in emails marred with grammar and spelling errors. Email address domain (opens in new tab) should also be monitored, as no legitimate organization will send out emails from public domains, such as Hotmail, or Gmail.
> 12 things you should know about email, spam and file attachments (opens in new tab)
> Cisco antispam tool blocks thousands of emails following domain registration blunder (opens in new tab)
> Beware - that email from HR might be a cyber scam (opens in new tab)
And finally, no legitimate business will ask for private, or otherwise sensitive information, via email. If the email received carries a link, or an attachment, calling the victim to share their personal data, it’s almost absolutely an attempted fraud.
Due to its ease of use, low cost, and wide reach, email remains one of the most popular attack vectors for threat actors everywhere. Almost all of today’s data breaches started with the theft of sensitive data from an endpoint (opens in new tab), done through phishing emails.