Hackers Attack Email with More Sophisticated Techniques
Attacking users through email was one of the first tactics utilized by cybercriminals because it gets right to the heart of a person’s internet activity. For this reason, computer help and security measures have also aggressively targeted email protection so that users can safeguard private information from a leak that could be financially or personally damaging. Spam blockers and filters have gotten nuanced enough so that many users may not even be aware of the sheer volume of malicious or useless email that is sent to them every day and filed away in a spam folder.
While top security measures for email are certainly a positive development, such protection can also give rise to complacency. Users may assume that spam filters will take care of diverting potentially harmful email away from their inbox and may not take as strong precautionary measures on their own. Hackers are developing more nuanced techniques to bypass this email filtration, according to a recent report from email security provider AppRiver. Email and web threats increased in the first half of 2013. During the first six months of the year, the report recorded over 13 billion spam messages and an additional 171 million laden with viruses. The report found that the United States had the highest number of spam emails originated, and also found that Belarus had the second-highest total.
The New Dangers of Spam
A new kind of spam hacking, called Distributed Spam Distraction (DSD), is currently growing in prominence, according to the report. What PCWorld called “spam blizzards” are attacks targeted at a specific individual that can flood inboxes with up to 60,000 messages in a 12 to 24 hour period. Although they don’t contain malware, they inundate inboxes in order to prevent users from finding pertinent and legitimate email. In turn, hackers use personal and financial information they have acquired about a user to make illegal transactions online. Just before they make these transactions, they deploy a DSD on a user so that they do not notice the receipts or balance transfer notifications among the deluge of new email. Since these emails contain no malicious links themselves, they can bypass conventional spam blockers and wreak havoc on a user’s inbox.
This is an example of more nuanced hacking techniques, that, rather than attacking the user directly in ways that can be easily identified and stopped, inflict damage obliquely and make their path hard to follow, according to the report.
“This technique is highly targeted towards a specific individual, and is difficult to block in its entirety,” stated the report. “It’s also difficult to understand if you have no idea what is happening.”
According to PCWorld, this tactic also reflects the growing effort of hackers to acquire user login credentials over other methods of threatening them. Increased connectivity has made it easier than ever to exploit numerous systems and accounts once a key password credential, like that of a user’s email, has been acquired.
This is why anti-malware that looks at potentially malicious behaviors is as important as anti-malware that spots known threat signatures. When regularly updated, security solutions that employ both reactive and proactive detection strategies are the most effective at thwarting security breaches.
A reactive strategy detects viruses using published malware signature detection. A proactive strategy uses sophisticated behavior-monitoring techniques known as heuristics to build a general sense of whether a given file or group of files intends to harm your computer.
The PC optimization solution System Mechanic Pro ships with System Shield, an anti-malware solution that deploys both strategies, and is regularly updated with the latest threat definitions to catch specific malware signatures and suspicious behaviors to help keep your computer safe.