Spam and phishing emails can be dangerous, as they often lead to more devastating cyberattacks. However researchers from Atlas VPN have found some common denominators for threat actors distributing spam and phishing emails, which targets could use to spot these emails early on and avoid more serious threats.
According to the Expel Quarterly Threat Report Q1 2022, the vast majority of malicious emails (67%) have a blank subject line. No names, no calls to action, just blank space.
While getting an email with a blank subject line can be treated as a “major red flag”, it’s not the only thing scammers are doing. A tenth of emails (9%) have “Fax Delivery Report” for the subject line, as well. Other notable mentions include “Business Proposal Request”, “Request”, “Meeting”, “You have (1) New Voice Message”, “Re: Request”, “Urgent Request”, and “Order Confirmation”.
Spelling and grammar mistakes
Every email with one of these (or a variation of) should be treated as suspicious, right from the get-go.
There are other ways to spot malicious emails, as well, researchers further uncovered. Most of the threat actors distributing these messages come from non-English speaking communities, oftentimes resulting in emails marred with grammar and spelling errors. Email address domain should also be monitored, as no legitimate organization will send out emails from public domains, such as Hotmail, or Gmail.
And finally, no legitimate business will ask for private, or otherwise sensitive information, via email. If the email received carries a link, or an attachment, calling the victim to share their personal data, it’s almost absolutely an attempted fraud.
Due to its ease of use, low cost, and wide reach, email remains one of the most popular attack vectors for threat actors everywhere. Almost all of today’s data breaches started with the theft of sensitive data from an endpoint, done through phishing emails.
