Spam and phishing emails can sometimes be very easy to spot if you know what to look for in the context of the header and body of the message. However, even for a seasoned web user it sometimes can be easy to get reeled in by clever phishing attacks or click on a spam message with a well-worded title.
India's influx of new Internet users has proven, however, that not knowing anything about spam is still one of the biggest reason people fall victim to email scams.
In a recent study, a spam monitoring group found that for the first time, India is ahead of the United States in spam output. The United States accounted for 8.3 percent of spam mail in the first quarter of 2012, whereas India stole first with 9.3 percent. Both nations left their competition in the dust; third place was South Korea at 5.7 percent, and Indonesia tied Russia for fourth.
In response to how a growing web usership like India could have overtaken the United States, senior technology consultant Graham Cluley said these fledgeling users aren't taking precautions to safeguard their computers or utilizing email security and are subsequently getting zombie-fied.
"While traditional marketing spam may appear to be no more than an annoyance…they can often lead to more serious threats to your personal information," Cluley said in an interview with International Business Times.
This doesn't mean American-made phishing is on the decline, but that users in India need to step up their security against blended threats. Just recently Bank of America users got a surprise from U.S. spammers in the form of falsified account warning emails, requesting account holders log in to their online accounts to review their histories for possible fraudulent transactions. The landing page linked from the email asks users for their username and password, subsequently stealing their credentials. Hoax-Slayer described the emails and linked pages as "more sophisticated" than standard phishing attempts and warned Bank of America users to be discreet with their information.
Phishing scams are moving toward more elaborate hoaxes and scammers are doing their research. A recent email phishing attack focused on customers from one specific bank, using web analytics tools to monitor online traffic and see how successful the attempts proved. This kind of spear-phishing not only puts users at higher risk of an intrusion due to the focus of a singular ambition, but because of the tools used in this attempt, the information gathered allows phishers to review and tweak their work as they aim at getting larger returns on their time.
"Fraudsters are increasingly behaving like businessmen," said communications specialist Mor Ahuvia in an interview with Dark Reading. "They want to be able to measure how successful and effective their phishing/fraud campaigns are – if the ROI is OK or needs improvement."
As phishing becomes more like a traditional business, users need to not only be aware of what to look for but must also protect their systems and private information in case an attack is successful. Safe browsing may not be enough in the future to keep spam and phishing at bay.
Data Security News from SimplySecurity.com by Trend Micro