No phish for the likes of you, thank you very much! Google finds email villains are picky about demographics, country

Soon may the phisherman come to leave our inbox quite undone


Kind old Google has published data on targeted email attacks and dispensed advice to help users separate friend from foe.

The pandemic has presented malware-laden email flingers with a world of opportunity and a whole new set of attack vectors. Google noted that, early in the pandemic, it had seen 18 million daily malware and phishing emails related to COVID-19 on top of more than 240 million daily COVID-related spam messages.

Google and researchers at Stanford University studied five months' worth of phishing and malware campaigns and concluded the US and the UK were the most popular targets. The same English email template also tended to get used, although localisation was improving; 78 per cent of attacks in Japan were in Japanese, for example.

The campaigns were usually brief, lasting for only a few days with between 100 and 1,000 targets, it found.

Researchers also modelled what factors put a user at a higher risk. Having your private data exposed in a breach is a given when it comes to sweetening the pot. However, where a user lives plays a part as well. While the US was the most popular target by sheer volume, Australians face double the odds of an attack per capita. The chances of being on the receiving end of a campaign were also 1.64x higher for 55 to 64-year-olds than for those in the 18-24 bracket.

The conclusion was that the risk is not evenly spread across demographic and geographic boundaries.

It being an emission from Google Cloud, the report recommended making use of Mountain View's phishing and malware protections. For those less inclined to make use of the Chocolate Factory's wares, a bit of common-sense advice from the UK's National Cyber Security Centre wouldn't go amiss: you can find steps to help you identify the most common phishing attacks here.

The Register peered into our own big bucket o' spam to see what delights lurked within and found the beauty you see below.

[Image: Tesco-themed spam email]

No, it was not an actual email related to Tesco (although the retailer had sent a genuine one requesting we re-enter our card details, which felt a bit phishy) but we could not help but notice that the links led back to that stout slayer of spam: Google and its API.

A Google spokesperson told The Register: "When an email is flagged for phishing, our priority is to keep our users safe. We look at many security signals, and malicious links is one of them, before taking appropriate action – one of which may be account suspension." ®

