Unwanted commercial emails (Spam) Continue Making Millions for Ransomware Developers

Spam emails remain one of the most discussed topics in the cyber space

Unwanted commercial email messages and similar spam has been annoying PC users for ages. However, their relevance in phishing and ransomware assaults has not decreased. While so experts believe that there are evident limitations to the technique which has been used to trick lovers of shopping online, spam still shares significant popularity among ransomware developers. As long as user can be convinced to open the ‘discount’ or ‘invoice’ attachment or not.

New shades of the old technique

Despite the number of articles about this phishing method, people continue falling for the same trick multiple times. The very technique perhaps dates back a couple of decades ago when the first computer virus emerged.

Later on, crooks discovered how profitable is to deceive users with a fake lottery and annual survey emails. Luckily, users have grown to get used to such online felony and learned to avoid it.
Nonetheless, soon afterward, cyber villains crafted new strategies.

Spam emails and their posed dangers have become again a widely discussed topic along with the emergence of Locky and Cerber. Comparing their spam techniques, the developers they reached a new level of insolence – they bombarded users with fake FBI and court subpoena emails. Alternative versions stuffed users’ spam folder with the counterfeited invoices, discount offers and similar tricks.

On the other hand, despite constant media and IT experts’ warnings, users still tend to fall into the same trap again. Facebook Message virus and Jayden K. Smith spam campaign perfectly illustrate such tendency.

Surprisingly, new Locky versions, Diablo ransomware and Lukitus ransomware, which emerged in massive spam mail campaign proved to be successful as well. This time they disguised under Customer Service Department messages urging users to download the corrupted invoice file.

What is more, Necurs botnet also facilitated the attack which helped multiple the scale of the attack. Another crypto-virus, 726 ransomware, hid in the attached .zip folder delivered along with a fake Redactive Media Group email.

Countering spam emails

While cyber felons keep polishing hacking techniques, you can notice certain patterns. Ransomware developers s tend to use corrupted .js or .docm files entitled as invoiced or notifications about undelivered goods. Other ransomware places their malware in .zip or .rar folders. Thus, observing current tendencies, take a look at the below tips:

• check whether the email which is supposedly sent by an official institution contains full credentials
• look for grammar mistakes and typos
• contact the institution directly to verify the authenticity of the received email

Ugnius Kiguolis