Even though we get less spam, such emails are still a major threat to internet users. Spam often contains not only commercial information but also links that lead to phishing or malware sites. And spamming techniques keep constantly evolving.
According to Statista.com, more than 50% of emails sent worldwide in 2018 were spam emails and unwanted ads. Most of them originated from China (11.69%), despite the internet censorship existing in the country. The United States of America came second, accounting for a little above 9%, while Germany took third place, reaching slightly above 7%.
Spam emails are focused not only on selling products. They often contain a fake message from a service you use or an institution you trust. Cybercriminals pretend to be your bank, the government, a mobile service provider, or any other trustworthy organization.
“Their goal is to have you open a spam email and click on suspicious links or even download an attachment that hides malware. The risks are high because they want to trick you into giving away sensitive information such as your login credentials or your bank card number,” explains Daniel Markuson, a digital privacy expert at NordVPN.
Most importantly, spammers have honed their skills over the years and developed emails that are hardly recognizable both by humans and by spam filtering algorithms. The messages have become more personalized and specific; they are more fluent and have fewer grammar mistakes than older ones. But the most interesting is the content itself and how it changes over time.
“From dietary pills to CBD oil bargains, from winning a lottery to your account being hacked. The times are changing, and so are people’s needs. It’s all reflected in spam emails, and that is to trick internet users more easily,” says Daniel Markuson, a digital privacy expert at NordVPN.
Interestingly, a big part of spam in 2018 was related to the FIFA World Cup. The event was exploited by cybercriminals who used various deception methods based on social engineering. Scammers created fake FIFA sponsor websites and sent spam emails to get access to attendees’ bank accounts and personal data. They also carried out targeted cyber-attacks. However, the number of email spam was still 4% lower in 2018 than in 2017, according to Statista.com.
But even though the contents may differ, and some may seem legit at first glance, there are a few things you should always be alert of when receiving an email:
1. A spoofed display name. The email will appear to come from a legitimate organization but the sender’s domain name will be entirely different. For example, it might look like Netflix, but if you hover over ‘Sender,’ you’ll see that the email came from firstname.lastname@example.org.
2. Embedded links. Social hackers might send an email asking you to click on a link and log back into your account (even though you haven’t been active on that site recently). The spoofed URL will lead to an infected website. One way to protect yourself is to right-click on the link and check the address to see if it looks legitimate.
3. Email attachments. Invoices, order confirmations, event invitations, and other attached files can be used to disguise viruses or malware. Don’t open them or reply to the sender if they seem suspicious. Draft a new email to the person you think emailed you.