Email spam has been annoying internet users for years, but few people are aware of the extent to which it remains the leading cause of malware. All active business and personal accounts are constantly bombarded with unwanted traffic, and practically all email systems now use policy-based filtering tools to label and separate spam. Many of these emails are malicious in nature, and because spam is an effective tool for cybercriminals, they continue to use it. Email spam is evolving and becoming more sophisticated, specifically designed to evade policy-based filters and fool the account holder into clicking a link.
The results of that one click can vary, but often it leads to the installation of malware. The Center for Internet Security (CIS) posts regular updates of the top vectors for initial infection by the most prominent known malware types. Its August 2018 report shows that aside from a blip caused by the WannaCry ransomware outbreak, email spam has remained the top source of malware infection every month, and the CIS explains that it “continues to dominate as the primary infection vector.”
Further, cybersecurity company F-Secure issued a report earlier this year indicating that malicious attachments, phishing, and spear-phishing (most of which is conducted through email) account for more than a third of all cyber attacks. The cybersecurity stance of every business should reflect this reality, but many are not even aware of it.
Malware takes many forms. It describes a wide range of threats, including viruses, Trojans, and worms. At its most benign, it delivers an avalanche of advertising, which is annoying and often difficult to get rid of. At its most harmful, it results in a large-scale data breach and attacks on your customers, or extortion by hackers for sensitive information or control of the business’ IT system.
An Evolving Threat
Many of the emails in your spam folder are basically advertising. A smaller number are attempting to trick you into clicking on a malicious link or attachment. Malicious links generally deliver users to websites that are designed to trick them either into entering personal information or into downloading malware. Malicious attachments are themselves malware, and often download even more malware once they are installed.
People have generally become aware of the threat of suspicious email attachments enough to avoid clicking on those that are obviously not from colleagues or businesses they normally deal with. Those emails will also most likely be recognized by the filter of even a modest email security system.
In order to defeat the email scanning and automatic, policy-based filtering systems businesses use, criminals have adapted their approach. Spam emails in some cases appear to be from co-workers, business or personal contacts, or companies the account-holder is a customer of. Evolved spam usually delivers malware by convincing email users that the link or attachment is a security patch or other software update, an urgent business matter, or a personal document.
There are many tricks used by spammers to make their malware-delivering emails appear legitimate. Most people have seen malicious emails that take the form of crude imitations, often given away by spelling or grammar errors, lengthy URLs that end in an unfamiliar extension, such as the country code for Tokelau, or unrealistic claims. Some fake emails, however, are crafted by professional criminals and are sophisticated enough to appear legitimate to a cursory examination from both email security tools and the end user.
As a technical arms-race has developed between spammers and the cybersecurity industry, the combination of robust security systems and user awareness has become necessary to protect businesses of all sizes from the costly threat of malware.
Cybercriminals are well aware of the need for security systems to avoid false positives when identifying spam, lest they accidentally filter out important business emails.
Protecting Your Inbox
A web host offering premium business email should provide advanced protection from email threats through partnerships with leading cybersecurity technology companies. The reason partnerships are so important is that there are a number of different technologies for scanning, comparing, and isolating unwanted from wanted email, that all need to be applied to protect against the various different types and sources of spam.
Premium spam protection for business email utilizes a comprehensive approach with different tools. An initial scan can evaluate each email for compliance with the rigorous technical standards that are internationally recognized for electronic communications, and compare it against blacklists of known spammers. A pattern-recognizing tool can filter out a large amount of spam in real-time, and advanced fingerprinting compares message characteristics to the Global Threat Network. Finally, all incoming emails should be scanned on different layers to reveal viruses hidden in the message body or attachments.
One of Liquid Web’s technology partners for email security is Rackspace. Rackspace has recently upgraded its industry-leading Webmail client with improved security communication to protect businesses from emails deemed “suspicious.” Email that is marked “suspicious” has not been triggered a policy failure, and been filtered out, but has failed some validations. Rackspace has also added a function to the spam folder to block images, links, and attachments that could be included as triggers for malicious content. The person who receives the message can still interact with it, but he or she must drag it into a different folder first. Adding a step to the process reinforces the importance of treating spam folder contents as dangerous. Rackspace also now displays any discrepancy between the from email address provided in the message and the Return-Path address, which is a common sign that the message is a spoof or phishing email.
In combination, the layered capabilities of a quality professional email security service catch the maximum number of malware threats, including the subtle fakes most likely to trick employees and support the safest business email practices. A well-architected suite of complimentary industry-leading spam control tools is necessary to protect practically all businesses from malware.
Common misconceptions about spam being a mere annoyance, along with increasingly sophisticated malware delivery systems, are a costly problem for businesses. The risk of a malware infection delivered through email spam is one of the most important reasons that most businesses should use a professional email service rather than free built-in server email. A free service is attractive for businesses in early stages, but with costs associated with disk usage and system resources, as well as significant security risks, they can quickly become far more costly than the alternative. A quality professional email service with spam protection saves more than the annoyance. It could save your business.