Two aspects affect the existence (and profit) of spammers: one is the technology at their disposal and the technology used against them. The other is our hunger for information.
1. The Technology
The first aspect, the technology at the disposal of bad actors and the technology that can work against them, is about finding new ways to circumvent the security technologies currently available, such as DMARC (Domain-based Message Authentication, Reporting, and Conformance) and Malware Sandbox Analysis.
2. The speed and breadth of information
The second aspect is based on the speed and breadth of information that we consume, and our urge to consume it. This guarantees a constant flow of successful spam and phishing attempts. Most recently, GDPR is already being used to mask Phishing and Spear Phishing attempts. Users are experiencing a flood of emails on their privacy rights and how they need to click somewhere to meet their new policies. This is the oldest trick in the book: exploiting the users’ eagerness to click and act upon a message.
Users who click on these calls to action either fill in a form with personal data that ends up being used for scams, or they land on a malware-dropping website. Either way, expect the recent implementation of GDPR to bring about more Business Email Compromise (transfer X amount to get GDPR certification).
GDPR Spam/Phishing is particularly important because it affects companies as well as consumers. As expected, it is not the only recent surge in Spam/Phishing. Before that, the same happened during voting for the Eurovision Song Contest 2018 or for the FIFA World Cup squad. That is just the past month. Media-intensive events such as these will keep guaranteeing that spammers always have a topic to exploit. All they need to worry about is the technology at their disposal and the technology that might work against them.
On the other side of the barricade, companies need to have the technology and processes in place to be on the lookout for these “zero-day” spikes of “trending topics”, as these will likely be used for phishing and targeted phishing. This means that there must be a human component on top of the technology protection: someone who is able to anticipate what is coming and adjust their filters and training for it.
What looks like a contradiction in a connected world is not one: Email Security solutions need to be localized. Their maintenance, the manual update of rules and filters, and their content filtering, language, and speech detection must be able to account for the fact that Country X or Industry sector Y will likely be a victim of spam/phishing on the trending topic Z.
Author: Rui Serra
With degrees in Computer Engineering and Marketing, Rui started his career managing training documentation for IT Training and consulting firms. He then joined Nokia Siemens Networks as a Documentation Specialist and Project Scrum Master before joining AnubisNetworks in 2009, where he has advanced from managing documentation to Product Manager for the growing Product Portfolio.