Psychological trick used for spam

Friday, June 26th, 2015 | Taichi Nakamura

Subject Title “stop spamming me”

An interesting spam message was caught today by the university's email spam filter system.
It used a psychological trick to manipulate people’s behaviour.
The subject line and the content contained a complaint about spam being sent continuously from a certain department, and a Microsoft Word document was attached, supposedly with details of the spam the sender was receiving.

What made this spam unusual was that it avoided being deleted on sight by not using the subject lines and opening sentences that spammers commonly use.
It was then carefully sent to a third-party employee who would be interested in helping.
The spammer's hope was that the employee would try to be helpful. Failing that, natural human curiosity would lead the employee to click the attachment.

Of course, after that, the malware hidden in the Word document would infect the PC.

More Specific

The spam looked like a genuine complaint, but the complaint was not real.
The sender’s and receiver’s email addresses were forged. But because recent standard email applications usually hide the headers by default, it would have been difficult for the receiver to spot this.
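
The hidden-header problem described above can be checked from the raw message. The following is an added example, not part of the original post: a Python sketch that reads a raw message and reports signs a mail client normally hides. The sample message, its addresses and the `review_message` helper are constructed for illustration, and it assumes the receiving mail server adds an `Authentication-Results` header.

```python
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message (not the real spam from this post).
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.university.example; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
From: "Jane Doe" <jane.doe@university.example>
To: staff@university.example
Subject: stop spamming me
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Your department keeps sending me spam. Details attached.
--b1
Content-Type: application/msword
Content-Disposition: attachment; filename="spam_details.doc"

placeholder bytes
--b1--
"""

WORD_EXTENSIONS = (".doc", ".docm", ".docx", ".dot", ".dotm", ".rtf")

def domain(header_value):
    """Return the lower-cased domain of an address header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def review_message(raw):
    """Return warnings drawn from headers a mail client usually hides."""
    msg = message_from_string(raw, policy=policy.default)
    warnings = []
    from_dom, path_dom = domain(msg["From"]), domain(msg["Return-Path"])
    if path_dom and from_dom != path_dom:
        warnings.append(f"From domain {from_dom} differs from Return-Path domain {path_dom}")
    for result in msg.get_all("Authentication-Results", []):
        for part in str(result).split(";")[1:]:  # skip the server id
            method, _, verdict = part.strip().partition("=")
            verdict = (verdict.split() or [""])[0]
            if method in ("spf", "dkim", "dmarc") and verdict in ("fail", "softfail"):
                warnings.append(f"{method} check reported {verdict}")
    for att in msg.iter_attachments():
        name = (att.get_filename() or "").lower()
        if name.endswith(WORD_EXTENSIONS):
            warnings.append(f"Word attachment: {name}")
    return warnings
```

A warning here is a reason to ask the sender or the Information Security Office, not proof of malice; mailing lists and forwarding services can also produce a differing Return-Path.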

The subject line and contents did not look like the usual computer-generated spam, but rather like a complaint written by a native English speaker.
Nothing in it identified it as spam. It contained enough, but minimal, information, so the reader needed to investigate further to understand the full picture.
That made it more likely that the employee would read the contents rather than throw the spam away immediately, and would then check the attachment.

The receiver was not associated with the department being complained about in the spam’s contents. But it did look like a genuine complaint, as it included real department names.
So if the employee tried to be helpful, he or she could easily have been tricked into checking the attachment and then been infected by the malware.

How to Avoid 

Best practice is to never open an email attachment unless you know who it is from, are expecting it, and are absolutely sure it is legitimate.
If there is an attachment that you are not expecting, it is best to be suspicious and contact the sender or the Information Security Office for clarification.

Recent Types of Spam

Spam often gives the impression that the matter is critical and must be responded to immediately, and asks you to do something.
It often contains malicious attachments or links.

Recent spam types:
Bank requesting a change of password
Helpdesk informing you that your email account is out of quota and asking you to click on a link to avoid getting locked out
Someone wealthy overseas wanting to send money or funds
Unknown parcels that are having difficulty being delivered
Copyright and other infringement notices for which you do not recognise the reason
Conference and paper submission invites
Sales of equipment and goods
Apple iTunes and other vendors’ apps and services requesting that you go to a website and authenticate