Analyses reveal 2013's most conspicuous phishing giveaways

Global volumes of phishing emails dropped significantly in 2013 compared with 2012 – but that's only because today's phishing attempts are smaller and better-targeted, according to security vendors offering end-of-year warnings about 2013's most risk-prone emails and celebrities.

Recent analysis by Websense found that China and Hong Kong had joined the ranks of the top 10 phishing countries for the first time in 2013, while the US lost its rank as the number-one source of phishing emails for the first time.

Country of origin was only one telltale sign, however: five types of subject headings could also be taken as indicators of phishing emails, Websense noted. These include:

1. Invitation to connect on LinkedIn
2. Mail delivery failed: returning message to sender
3. Dear Customer
4. Comunicazione importante
5. Undelivered Mail Returned to Sender

Those telltale phishing subject lines may be a sure-fire indication that something strange is going on, but they're not the only way for users to identify potentially malicious emails.

A ranking of the most 'dangerous' celebrities – those whose names are most often used in spam and phishing attempts in order to pique recipients' interest – found that Jennifer Aniston's name was used in 19 percent of all spam messages that include celebrity names.

Rihanna was a close second at 16 percent, while Selena Gomez was mentioned in 13 percent of junk emails.

Interestingly, not all celebrities were linked with the same types of phishing attacks. For example, Aniston's and Rihanna's names are regularly linked with sexual and pornographic content while Selena Gomez's name is used to advertise plastic surgery and purported 'free' online concerts from phishing sites that in reality collect personally identifiable data.

“The scams go so far that sometimes, celebrities are declared dead and allegedly photographed beaten or involved in hideous sex scandals,” Bitdefender e-threat analyst Loredana Botezatu said in a statement.

“The messages promise scandalous pictures or videos only to make users open attachments and click links to infect their devices with malware, expose them to inappropriate content or steal sensitive info right under people’s noses.”

Other popular celebrity phishing bait includes Miley Cyrus, Scarlett Johansson, Marilyn Monroe, Katy Perry, Beyonce Knowles, Sandra Bullock and Eminem.

Movies are also popular lures to get users to click on phishing mails, with Gravity the most popular and 12 Years a Slave, Insidious and The Avengers filling out the top four.
