Skip to Main Content

Phishing for love in all the wrong places

When it comes to love and romance, some locations are just special. They simply top all others as preferred honeymoon or romantic getaway destinations. And the same is true of phishing. Some locations around the globe are just more popular than others when it comes to attempts at fooling users to click on that bogus link.

Locations are important as the phishing industry switches gears for their latest malicious campaigns. Some places just seem to get a lot more phish than others. With the arrival of Valentine’s Day, cybercriminals are shifting over to sending out bogus e-cards full of passion, moving away from their previous emails about parcels and invoices.

Phishing conditions vary by country

A two-month study of blocked phishing attempts from a sample group of Avira users found moderate differences between most countries in the levels of phishing attempts. However, one country ranked far above the others in both the total number of blocked phishing attempts and the per capita frequency when adjusted for population – the United States.

The United States had 8.8 million blocked phishing attempts during the monitored time, far outpacing the 0.7 million blocked phish in Germany over the same period. The difference was even more apparent when the numbers were adjusted by the total population of each country. Americans received nearly three times as many phishing attempts as Germans – the second highest ranking country on the phishing chart. And it’s not just something to do with the English language, as Great Britain had fewer phishing detections than either France or Italy. This data only counts the direct blocks and does not include other phishing attempts kept from even appearing on users’ screens by gateway products such as email filters.

Phish American style

The numbers should come as no surprise. America is already home to five of the 10 largest spammers in the world according to Spamhaus. Then there is the matter of scale, which Alex Vukcevic, head of the Avira Protection Lab, pointed out.

“It’s a question of marketing efficiency – and not that Americans are any more or less gullible than others. The United States is a huge market, relatively wealthy, and has one major language – and that has made spamming and phishing there more productive for the bad guys,” he said.

Be skeptical with love and phish

Phishing – whether the lure is love or a major discount – is a major security issue for those online. Jigsaw, Google’s security thinktank, estimates phishing attempts account for a whopping one percent of all emails. And that’s just the phishing emails – all together, spam messages make up about 45% of all email messages.

Success – at least from the cybercriminals’ perspective – is a numbers game with one response for roughly every 12.5 million messages sent out. To boost this level, they use a wide range of technical tweaks to hide the malicious messages from security software and work hard at crafting messages that will convince the target to click.

While phishing has been a part of the online experience for a long time, the way it is designed and delivered is constantly evolving. Here are four points to bear in mind to keep yourself from getting hooked by a phishing lure:

1. They know more about you than they used to

Phishing emails are progressively becoming more targeted thanks to the steady stream of data leaks. By parsing together various databases of passwords, account names, online activities, and even contact lists, cybercriminals have more detailed information than ever about their targets. While you may not be as important as say the leader of the US Democratic Party, you can still get a spear phishing email targeting just you.

2. They know more about the people they are “representing”

Incoming phishing messages are getting more convincing. Not only is the language more grammatically correct than before, but cybercriminals are gleaning more information from hacked databases to make their messages more alluring and clickable. What once was a laughably fraudulent Nigerian princess in distress is now a notification from Dropbox or an alert from a SaaS company. There may even be someone’s name on the message who you actually know. After all, an e-card from a contact is far more believable than one from an unknown name.

3. They now hide much better than they used to

Phishing attempts are working harder at hiding from security apps. To avoid detection, their malicious payload is often not included directly with the phishing message in your inbox. Instead, they use new distribution channels such as instant messaging apps to get their news out. And since security software often filters malicious phishing pages, the cybercriminals are expanding their use of legitimate – but compromised – websites to distribute malware.

4. Only you can (not) catch that phish

The number one security variable when it comes to phishing attempts is the device owner – you. Enhancing your security requires a healthy dose of skepticism (no, I don’t want to click on that Valentine’s card from an unknown admirer) and technical awareness:

  1. Be cautious – if something in the message seems odd – even if you know the sender – don’t click it.
  2. Hover over that link – hover the mouse pointer over the link to reveal the true URL. If it differs to the given name – don’t go there.
  3. Check it out – if you’re unsure about a link or address, just use your web browser to look it up.
  4. Control that finger – look, think, and only then click.
CountryBlocked phish detections
7Great Britain88,000
Avira data collected between Dec. 2018 – Jan. 2019. Country population data from Wikipedia.

This post is also available in: GermanFrenchItalian

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.