A joint five-month study conducted by Google with Stanford University researchers analyzed over 1.2 billion email-based phishing and malware attacks against Gmail users to determine what are factors influence the risk of attack.
Experts discovered that malicious campaigns are typically short-lived and indiscriminately target users worldwide.
“However, by modeling the distribution of targeted users, we find that a person’s demographics, location, email usage patterns, and security posture all significantly influence the likelihood of attack.” reads the study published by Google. “During our measurement window, we find that attackers targeted, on average, 17.0 million users every week with hundreds of thousands of campaigns that last a median of just one day. These attacks follow a skewed distribution: 10% of phishing campaigns accounted for 76% of phishing attacks, and 10% of malware campaigns accounted for 61% of malicious attachments. Attackers broadly targeted users around the globe as part of their campaigns, with the majority of targets residing in North America and Europe. While 90% of attacks occurred in English, we show evidence that some attackers localize their efforts.”
According to the study, 42% of all targets were from the US, followed by the UK (10% of all attacks) and Japan (5% of attacks).
Both phishing and malware attacks are bursty, experts observed the volume of attacks increasing by 500% at times from week to week. At its peak, the researchers observed 117 million phishing emails targeting 41 million distinct users during the week of May 11, 2020.
“Over the course of our measurement period, we observed a total of
406,002 distinct phishing campaigns and 1,724,160 malware campaigns. Both classes of attacks exhibit a highly skewed distribution.
The top 10% of phishing campaigns account for 76% of phishing
emails, while the top 10% of malware campaigns account for 61% of
emails with malicious attachments.” continues the report.
According to the experts, 89% of malware campaigns last just one day, while the median phishing campaign lasts three days or less. The short duration
a choice of the attackers to evade detection.
Other factors of high risk of being targeted by phishing attacks reported by the experts are:
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Gmail)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.