Fraudsters "resuscitate" SpamCannibal to spew out more spam Watch Now

special feature Cybersecurity in an IoT and Mobile World The technology world has spent so much of the past two decades focused on innovation that security has often been an afterthought. Learn how and why it is finally changing. Read More

Sending spam email remains the most popular means for cyber-crooks to spread malware and links to maliciouis websites.

According to an analysis of spam emails by security company F-Secure, nearly half (46 percent) are pushing dating scams, just under a third (31 percent) are links to malicious websites and just under a quarter (23 percent) have malicious attachments. Just five file types -- ZIP, .DOC, .XLS, .PDF, and .7Z -- make up about 85 percent of malicious attachments.

Päivi Tynninen, a threat intelligence researcher at F-Secure, said that although spam has been one of the main ways of spreading viruses and malware for decades, it has gained more popularity during the past few years as systems have become more secure against software exploits and vulnerabilities.

Crooks have also refined their techniques to deliver better results, with click rates rising from 13.4 percent in the second half of 2017 to 14.2 percent in 2018. You are 12 percent more likely to open spam if it pretends to come from someone you know, but spelling matters: a subject line free from errors improves spam's success rate by 4.5 percent.

SEE: You've been breached: Eight steps to take within the next 48 hours (free PDF)

The groups behind spam emails are also trying new tricks to infect users who are getting wise to the dangers of clicking on unsolicited attachments.

Rather than just using malicious attachments, spam messages will feature a URL that directs the victim to a harmless site, which then redirects them to a site hosting malicious content.

"The extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible," said Päivi Tynninen. When attachments are used, the criminals often attempt to avoid automatic analysis by asking the user to enter a password featured in the body of the email to open the file, she added.

Further reading