19 July 20, 09:35
(This post was last modified: 19 July 20, 09:38 by harlan4096.)
Quote:Continue Reading
We examined the contents of Kaspersky’s CEO’s spam folder to find out what spammers and phishers think might entice him.
We all get masses of spam in our personal and work inboxes every single day. It ranges from harmless invitations to conferences we’ll never attend and ads for goods and services to not-so-harmless fake messages about winning a lottery or requests for help, usually in the form of a money transfer. Spammers write to everyone: students, housewives, CEOs.
We decided to take a look at what finds its way into the mailbox of the head of Kaspersky, and how the spam in his mail differs from the average. Of course, Eugene himself never sees most of these messages — they are automatically sent to the trash.
Some stats
We divided the spam in Eugene’s mailbox into several categories. The largest category (roughly a third of all messages) was B2B spam. That includes commercial offers from companies, invitations to conferences, and requests for a meeting or phone call.
In second place were phishing attempts to extract Eugene’s personal information.
In third place were advance-fee scams — messages claiming to be from the lawyers of alleged relatives and other far-flung benefactors hoping to share millions of dollars with him.
Common business spam
Unsolicited advertising for B2B services and events is a fairly harmless form of spam. Many e-mails in this category are genuine commercial offers, invitations to conferences, and the like.
Some of them might even be of interest to Eugene’s colleagues, but he himself usually only attends major industry events. Besides, he couldn’t process so many business proposals even if that was all he ever did with his time. Therefore, such messages end up in the spam folder.
Business spam is often personalized: the authors stress that the offer is unique to the Kaspersky CEO and refer to him by name. But that does not redeem them in the eyes of the spam filter.
Among the B2B messages, however, are some that look more like spam proper than misdirected proposals. For example, the authors of the e-mail in the screenshot below warn Eugene that this is his last chance to register for a webinar. They’re obviously hoping to create a sense of urgency.
Phishing
The personal data of top-level managers is highly prized, so Eugene gets far more phishing spam than other users. For example, the message below looks like a voicemail notification. Unsurprisingly, to listen to it, Eugene would have to enter his account credentials.
...