Most malspam contains a malicious URL these days, not file attachments

proofpoint-malspam-stats.png
Image: Proofpoint

Most malicious email spam (malspam) sent in the first half of the year has contained links to malicious files, rather than file attachments, according to telemetry gathered by cyber-security firm Proofpoint.

More precisely, 85% of all malspam sent in Q2 2019 (April, May, and June) contained a link to a malicious file download, rather than the actual malicious file attached to the email.

The Q2 number continues a Q1 trend, where malicious URLs also dominated as the favorite way of distributing malware via email spam.

But while email spam botnet operators may be criminals, they are in no way stupid. They can be as focused on running an efficient operation like any other Silicon Valley engineer, if not more.

Coinbase 2

If the majority of malspam content sent out these days leverages malicious links, this means operators are getting higher clickthroughs and infections when compared to the classic technique of attaching files to emails.

“While the reason for the continued dominance of URLs may be due to a range of factors, it is likely that most end users have been conditioned to be suspicious of attachments in unsolicited email,” Proofpoint said.

“URLs, on the other hand, are increasingly common in business email as we regularly receive notifications of shared files and collaboration updates via email as organizations move to the cloud,” it added.

Proofpoint’s findings should have repercussions across the entire cyber-security market. Companies which provide anti-phishing training should be the ones taking notes and adapting courses accordingly; focusing on preparing employees for this recent trend.

And employee training helps.

A previous Proofpoint report found that 99% of all email-based cyberattacks require human interaction, namely that the target open files, click on links, or carry out some other sort of action. With a little training, employees can be taught to recognize and avoid falling victims to these attacks.

Other findings from the Proofpoint Q2 2019 Threat Report, published earlier this month, include:

  • 57% of all malspam uses domain spoofing.
  • Botnet-based malware was the most popular malware payload sent via malspam campaigns, accounting for 37% of all emails.
  • Botnet malware was followed by banking trojans (23%), infostealers (16%), malware loaders (8%), remote access trojans (6%), and backdoor trojans (5%).
  • As in recent quarters, ransomware was virtually absent in Q2.
  • Ursnif accounted for 80% of all banking trojan payloads sent via email. It was followed by URLZone, The Trick, and Dridex.
  • The ranking for infostealer had Pony in front, followed by AZORult, Loki Bot, and Formbook.
proofpoint-malware-market-share.png

proofpoint-malware-market-share.png

Image: Proofpoint
Most malspam contains a malicious URL these days, not file attachments 1
blank
About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

blank

E-Crypto News Executive Interviews


blank

bitcoin
Bitcoin (BTC) $ 32,548.00
ethereum
Ethereum (ETH) $ 2,074.16
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 290.32
cardano
Cardano (ADA) $ 1.18
xrp
XRP (XRP) $ 0.598070
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.192609
polkadot
Polkadot (DOT) $ 12.94
binance-usd
Binance USD (BUSD) $ 1.00
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 32,548.00
ethereumEthereum (ETH)
$ 2,074.16
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 445.80
litecoinLitecoin (LTC)
$ 120.53
bitcoinBitcoin (BTC)
27.651,97
ethereumEthereum (ETH)
1.762,15
tetherTether (USDT)
0,849575
bitcoin-cashBitcoin Cash (BCH)
378,74
litecoinLitecoin (LTC)
102,40
bitcoinBitcoin (BTC)
23,914.48
ethereumEthereum (ETH)
1,523.98
tetherTether (USDT)
0.734745
bitcoin-cashBitcoin Cash (BCH)
327.55
litecoinLitecoin (LTC)
88.56

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
blank
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021
Crypto Scams On The Rise As Market Enters Bull Cycle
Crypto Scams On The Rise As Market Enters Bull Cycle
December 22, 2020
Harpreet Singh Sahni perpetrated the Plus Gold Union Coin (PGUC) scam
Sydney Concert Promoter Harpreet Sahni Involved In $50M Crypto PGUC Scam
November 2, 2020
KuCoin hackers steal $150 million
KuCoin Exchange Hacked But Insurance Will Cover The Stolen $150M
September 29, 2020

Blockchain/Cryptocurrency Questions and Answers

Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
Solana
What Is Solana (SOL) And How Does It Work?
June 26, 2021
blank
What Is Plethori Platform And How Does It Work?
June 12, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d

bitcoin
Bitcoin (BTC) $ 32,430.00
ethereum
Ethereum (ETH) $ 2,061.89
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 288.85
cardano
Cardano (ADA) $ 1.17
xrp
XRP (XRP) $ 0.593200
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.191466
polkadot
Polkadot (DOT) $ 12.73
binance-usd
Binance USD (BUSD) $ 1.00