Spam and phishing emails (opens in a new tab) can be dangerous, often leading to more devastating cyberattacks. However, Atlas VPN researchers did find some common threads for threat actors distributing spam and phishing emails, which targets could use to detect these emails early and avoid more serious threats.
According to Expel's Quarterly Threat Report, Q2022 67, the vast majority of malicious emails (opens in new tab) (XNUMX%) have an empty subject line. No names, no calls to action, just blank spaces.
While receiving an email with an empty subject line can be treated as a "major red flag," that's not all scammers do. One tenth of emails (9%) also have "Fax Delivery Report" in the subject line. Other notable mentions include "Request for Business Proposal," "Request," "Meeting," "You have (1) new voicemail," "Re: Request," "Rush Request," and "Order Confirmation."
Spelling and grammatical errors
Any email containing one of these elements (or a variation thereof) should be treated as suspicious from the outset.
There are also other ways to detect malicious emails, the researchers found. Most of the threat actors distributing these messages come from non-English speaking communities, often resulting in emails with grammatical and spelling errors. The domain of the email address (opens in a new tab) should also be monitored, as no legitimate organization will send email from public domains, such as Hotmail or Gmail.
And lastly, no legitimate company will ask for private or sensitive information via email. If the email received contains a link or attachment that asks the victim to share their personal details, it is almost certainly a scam attempt.
Due to its ease of use, low cost, and wide reach, email remains one of the most popular attack vectors for threat actors around the world. Nearly all current data breaches began with the theft of sensitive data from an endpoint (opens in a new tab) via phishing emails.