Symantec

Recently Symantec completed an interesting exercise: scrutinize the words most commonly used in the top four spamming techniques and look for distinguishing characteristics. The result? It seems that each technique—general spam, phishing, malware and targeted attacks—has its own distinct pattern of word usage. Here is what Symantec Hosted Service’s MessageLabs Intelligence unit found:

• Spam—The goal of general spam is to get recipients to buy something as quickly as possible. As a result, this type of spam messaging relies on words having to do with selling something (“discount”, “price”, “sale!”) and urgency (“today”, “special”, “featured”).
• Malware—Malware isn’t about making money, so in order to get a piece of code installed on the victim’s machine for ultimate control, the words used are informational (“update”, “mail”, “attached”) and sound official (“account”, “verify”, “contact”), all in an attempt to lure victims to click a link to a website hosting malicious code.
• Phishing—Cybercriminals are trying to access a victim’s bank account, email account, or social network account. Word usage in phishing emails show a pattern geared towards collecting personal information from the victim (“address”, “paypal”, “personal”) and often claims that something has gone wrong (“error”, “apologize”, “suspend”).
• Targeted Attacks—This group of emails are crafted to trick specific individuals and groups to open a malicious email. As a result, most words relate to political or current events, organizations or financial matters (“human”, “president”, “nuclear”).

It is interesting to note that the word “please” appears in all four categories. (If nothing else, these are very polite people.)

This exercise brings home the point that users should always try to verify if a source is genuine, and never click a link or open an attachment from an unsolicited email, even if it appears genuine. If you are interested in learning more, read the entire findings

=

Eye on Messaging is written by Stephanie Jordan, editor in chief of Messaging News. If you have story ideas or news to share, email her: sjordan [at] messagingnews [dot] com