Aptly named, top level domain (TLD) use is picking up speed—but it turns out that the actual amount of spam traffic is in decline. According to Kaspersky Labs’ “Spam and Phishing in the First Quarter of 2015 report,” spam traffic has gone down six percent. However, phishing campaigns are enjoying a revival. This showcases how cyberattacks are evolving and adapting, not just in a constant upward trajectory. Kaspersky reports that email spam made up 59.2 percent of total “spamming,” compared to 65 percent this time last year. The steepest decline happened in December, and it has been continuously dropping through the first quarter of the year.
On a global scale, Brazil has the most phishing attacks—but the US is still the leading spam source (which means the Brazil attacks largely came from the US). One of the most popular scams is to act like a delivery, financial or insurance company in order to lure out sensitive data from targets. Of course, every tax season brings forth tax-related schemes in the US. Some brand new trends have also been appearing, like using Excel or Word attachment macros that look like financial documents (such as a money transfer or receipt). However, the downloaded file is really a Trojan, tricking targets into downloading the macros so they can infect computer devices. Microsoft ditched auto macro activation in 2007 as a preventative measure, but some victims manually download them believing they are legitimate.
Cybercriminals have been purchasing and using TLDs to kick-start their phishing attacks. There have also been sites on new domains (which are legitimate) that are then hacked by criminals or are utilized via redirect chains. In other words, the newer the TLD, the better the odds of it being used as a phishing scheme. The Kaspersky report notes that, “According to our observations, email traffic in Q1 2015 saw a considerable increase in the number of new domains that sent out spam of different content. In general there wasn’t much connection between the theme of the spam and the domain name, but in some cases there was an evident logical connection between them. For example, emails sent from the work domains contained offers to carry out various types of work, such as household maintenance, construction or equipment installation. Many of these messages from the .science domains were advertising schools that offer distance learning, colleges to train nurses, criminal lawyers and other professionals.”
There are a slew of new TLDs in 2015, and some countries are especially encouraging residents and those who do business in those countries to adopt the appropriate URL (such as .ca for Canada, etc.). The adoption of TLDs means businesses can enjoy more geo-targeting and might have a better chance of scoring the URL they prefer. It’s much easier to get something like www.example.work than www.example.com. However, Kaspersky says that the biggest threats are gone—for now—since summer 2014 was the leading season for security threats, particularly spam. After all, 2014 was the year of security breaches.
Juniper Research estimates that threats will continue to inch up in coming years, reaching $2 trillion in 2019. Plus, The Whir conducted an April 2015 study which revealed that a lot of people in the US and UK are nervous about checking out the latest gTLD sites, wary of scams. Since there have been 50 gTLDs in the past year that were created solely for phishing attacks, such wariness is warranted. However, following general best practices (and a little common sense) can help keep people safe from attacks.