Sign up to our newsletter
Communication is key to much of human life and activity and comes in many forms. For many, many years, one of the most widely used means of communication was postal mail, but, after so many technological developments, this has largely been supplemented with its electronic counterpart: email.
As part of the celebration of the World Post Day (October 9th), we would like to equally celebrate the use of both traditional and electronic mail. Therefore, without discrediting the advantages each type offers – and highlighting the benefits they provide – we will summarize the different malicious campaigns that have used emails as propagation vectors.
While the purpose of this celebration is to raise awareness of the role postal mail plays in the everyday lives of people and companies, as well as its contribution to the social and economic development of countries, at the same time, this could also be applied to digital mail. Consequently, raising awareness about email contribution to progress and the associated security risks is a necessary task at present.
Ongoing threats that spread, among other means, through email
Clearly, with the increasing use of email, it became an element that caught the attention of cybercriminals, who began to exploit it with malicious purposes to take advantage of users. Since then, it was possible to identify a myriad of campaigns that used email messages and attachments to compromise potential victims.
Probably the first type has to do with hoaxes – false news distributed for different purposes, mainly through email (or social network messages), with misleading content, and which use shocking or sensational topics for propagation. Users normally forward these pieces of news because they either appear to come from a trusted source or because the message itself asks to be forwarded.
The first types of hoaxes usually distributed ads about exaggerated computer threats, news on some web service shutting down or requests to help sick people. On that basis, some of the purposes of this type of scam generally consisted of gathering addresses to send spam, creating uncertainty among recipients or simply having fun.
When it became clear that email would be so far-reaching, the first scams employing this useful tool appeared. Their purpose was mainly to generate anxiety among users, referring, for example, to alleged fortunes, lottery or inheritance that could become theirs if they followed the instructions provided.
After convincing the potential victims, the scam made its appearance. Once the victims fell into the trap, they had to pay an amount of money upfront, as a condition to access the nonexistent fortune. Sometimes the sums required were high, but less so when compared with the supposed benefit the victims would receive afterwards. At this point, perhaps the most representative example is the 419 scam (or Nigerian scam), but is not limited to this country, since there are also other cases where the fraud was translated into Spanish.
With so many threats collecting email accounts, this information began to be used to massively send spam or trash email by an unknown sender. Spam is generally used to send advertising, although it is also used to spread malicious codes, scams or phishing campaigns.
A spam email is characterized by being massive, anonymous and unwanted. However, if an email meets at least two of these features, it is already considered to be spam, just as happened recently with the fine imposed on LinkedIn for sending emails on behalf of its members. Moreover, despite the last developments of antispam technologies, we continue to witness many spam campaigns, due to the high profits they can make for their authors and the methods employed to avoid security filters.
Together with spam, phishing is another threat that continually spreads via email. It is closely related to the use of social engineering techniques, where individuals are manipulated into performing actions they had not intended to conduct, for a particular purpose. Thus, this deception technique intends to fraudulently collect the victim’s personal and/or confidential information, such as internet service passwords, or credit and debit cards details.
For the deceit to be successful, the scammer masquerades as a well-known person or company (usually banks) and, by using a fake statement that looks like an official one, tries to persuade users to provide information. This technique is still being used and cases of this kind are continuously documented, such as the recent attack targeting users of the renowned Santander bank. It is worth mentioning that, apart from using emails, phishing attacks also employ other means of communication, such as instant messaging systems or even phone calls.
And last but not least, email is still being used as one of the main methods for spreading computer threats like malware. We constantly see malware campaigns whose sole purpose is to disseminate malicious code through message attachments.
Such programs have evolved to avoid including any executable file as an attachment. They also use variants of malicious programs instead, just as the so-called macro malware, which operates from a TrojanDownloader embedded in a Microsoft Office file and, when this file is executed, it downloads more malicious programs from the internet. Similarly, other types of malware that spread through email are the recent ransomware campaigns, which follows the same principle.
So how did communications and associated threats evolve?
It is evident that the changes in the way we communicate and interact have also been adapted and adopted by cybercriminals, who are continuously developing new threats. Therefore, we have made this summary to show that as the means of communication have evolved from the traditional postal mail to electronic mails, scams and deceptions have also done so, in accordance with today’s most widely used tools.
Emails became so popular that they also turned into a platform to carry out attacks and propagate threats, from simple hoax messages to the propagation of more sophisticated malicious codes, such as ransomware or macro malware.
At ESET, we celebrate the World Post Day to emphasize its importance, to be aware of the threats that take advantage of email to spread, but above all, to raise awareness that can help us stay protected. We support and participate in different initiatives, such as the European Cyber Security Month (ECSM), with the primary purpose of helping everyone enjoy safer technology.
Author Miguel Ángel Mendoza, ESET