Since analysing 5 months of phishing / malware emails sent globally, Google and the researchers at Stanford University have released an in-depth study of their findings. The research aimed to answer questions like “Who is targeted by email-based phishing and malware? And While they looked- into more than a billion emails they tried to “measure factors that differentiate risk.” During which the results were fed into a presentation at the Internet Measurement Conference.

While looking at the automatically blocked by Gmail phishing and malware campaigns, they discovered a few things trending in the world of phishing.

Rogue email analysis: key findings

  • 42% of attacks target users in the US
  • 10% target users in the UK
  • 5% of attacks target users based in Japan

As we can see by 42%, a large- number of phishing and malware attacks are happening to users in the US, as attackers primarily focus on North America & Europe. However according to the study 16 countries are at a higher than the US, on average. With the highest risk countries being in Africa & Europe.

English: the international language of scamming

Scamming has no borders so localised attacks aren’t that popular. As a result, you’ll see the same English email templates deployed across multiple countries. In other words, English is the phishing and malware scammers preferred attack language with 83% of phishing emails and 97% of malware emails written in English. However, some localised attacks occur particularly in Japan with 78% of them written in Japanese.

The study discovers that a scammers one template can be sent to 100 – 1,000 targets. And these campaigns last on average between one to three days. So these campaigns are “fast churn” meaning in one week of small campaigns it adds up to more than 100 million phishing / malware emails that target Gmail users.

Ageing, data breaches, and fewer devices

When asked the question – What are the factors that differentiate risk? Firstly, the study uncovered the age range issue. As you move up in age range the risk of being targeted increases. For instance, if you’re in the 55-64 age range, you’re a more attractive prospect than someone in the 18-24 or even the 35-44 age ranges. This seems consistent with the theory the older people are

  1. more susceptible to scams, or
  2. online footprint is easier to find

Secondly, if there has been a previous data breach it increases the risk. The odds are you if your details have been exposed in a data breach, your more likely of being attacked again.

Scammers like to use the information they already have at their finger tips, as they dig up the demographic information.

Lastly, as you use more devices comes a higher risk while the lowest risk comes with just sticking to your mobile phone. If you use one single personal computer it puts you in mid- range.

You can read the full study here.

Brush up on your phishing knowledge

There’s a wealth of anti-phishing tips and advice. And we have some good advice from Malwarebytes:

  • How to spot mobile phishing: it’s not a no-risk category even though it’s in the lowest risk category according to the study. Caution is never a bad thing when it comes to
  • Spear phishing: Some activities lend themselves to a higher chance of being targeted. Such as old breaches which is beyond your control. Take a look at how spear phishers operate, to consider how you can reduce your risk.
  • Gaming the gamers: Take a look at a common gaming phishing style.
  • COVID scams: The pandemic saw a massive increase in malware authors, phishers, and social engineers. So we recommend familiarising yourself with scam tactics to avoid phishy antics and malware-laden missives.
  • More general phishing scams: We have a list of the most common ways phishers try and breach your trust.

Don’t be complacent about phishing

Certainly, our best advice is to not be complacent about phishing. The tips and tricks above are listed for you to be more prepared when staring at the latest phishes in your mailbox. So, take- action.  That’s to say, the attackers are real, the threat is very real.  Afterall the attackers want to steal your login, bank details, data, or hard drive access to commit a crime. Their evil email scam.

What amazes me is that this study was based on the automatically blocked campaigns, those that didn’t reach an inbox.