Hello. Are you looking for a part-time job to supplement your income? Or are you tired of spam emails formatted exactly like this? After going through an era of relative peace and tranquility, at least as far as our inboxes are concerned, the dirt has started to come up from the sewers again and flow openly through our communication channels again. Emails, text messages, social media DMs, even outright phone calls: malicious and infuriating messages are on the rise, eating up precious brain space with their nonsense.
Brian Honan, who provides cybersecurity advice as CEO of Dublin-based firm BH Consulting, has a few theories as to why spam is making an unwanted comeback. “I think there have been many pilots,” he tells me. “The first is the natural evolution of technology. We’ve become increasingly dependent and engaged in the online world. It was happening anyway, but it’s been accelerated by the pandemic.”
Scourge of Spam
Parents and grandparents, many of whom would never have created online accounts if they weren’t suddenly the only way to see family or get groceries, have spent 2020 dreaming up passwords unsecured and passing bank details to online retailers. And then came the telecommuters.
“Accessing corporate email and messaging systems was cumbersome, especially at the start of the pandemic,” Honan points out. “So they may have implemented alternatives like Slack or used WhatsApp to communicate with friends and colleagues. A lot of companies have suddenly engaged with these platforms inadvertently. And it’s very hard to roll back someone from a platform that’s intuitively much more user-friendly than an enterprise system. So yes, the pandemic has brought more and more people online, and the criminals have been able to see that.
It’s important not to confuse the foul language and laughable hails of spam with the work of chancellors. Companies like Honan face organized crime gangs, which engage in cybercrime due to the low risk of prosecution when targeting foreign nationals.
“A lot of them actually have office buildings that people walk into,” Honan says. “They’re sitting at desks, working. We’re monitoring activity, and you can see trends – there’s a 9 to 5 in the area they’re at, and they stop working on weekends It’s very, very professional.” These teams share their knowledge and engage in concerted research to circumvent the protections of email platforms, whether by rewording emails so as not to trigger automatic filters or by using accounts that have no not been flagged as suspects.
Lately, they have changed tactics. While criminals still succeed through spam, they also prey on less protected platforms. Since telecom providers now make very little money from texting, they no longer invest in securing these services, and the gangs are taking advantage. “That’s why people are getting these text messages,” Honan explains. “Pretending to be from your bank, delivery companies or health department, saying you have been in close contact with a COVID-19 [positive] person, click here to register for a test. They ask for your credit card details, and they walk away with that information.”
A few weeks ago Europol took down iSpoof, a website through which fraudsters posed as trusted mobile contacts and allegedly stole more than £100million. The operation resulted in 142 arrests, an indication of the scale of the threat.
You can also blame Elon Musk for some of the noise. The tech baron’s high-profile takeover of Twitter led to a high-profile reduction in his staff (opens in a new tab), which in turn likely attracted criminals hoping to exploit new vulnerabilities. “Staff have been laid off, and that may have taken the human element out of checking things out, and automated systems may not be as effective [if they] aren’t kept up to date because the staff aren’t there to deal with it,” Honan says. of dollars.
Gaining access to a social media account is a particular win for criminals, as they can then “psychologically lean on people’s trusted networks” by impersonating the true owner of the account. “You get messages from friends saying, ‘I’m in Paris, I just got mugged, I lost my passport and my wallet, and this person lent me their phone. Can you wire me £400 so I can get a train ticket home?” They will use that familiarity.”
Close friendships formed through play, where contact is often rooted in text chat and rarely face-to-face, are particularly ripe for exploitation. And game accounts, with their many free convertible currencies and level 70 MMO characters, are juicy targets.
“If your password is phished or this gaming platform is compromised, the password you use for this site will be used by criminals to try to gain access to all your other gaming platforms as well,” Honan warns. “My message would be, just because you’re on a gaming platform, don’t assume there’s nothing of value in there. First is your personal information and all of your contacts. And potentially, that that you have built up over the years can become valuable.
“I’ve heard of accounts being hacked and ransomed. If you’ve been in World of Warcraft for 10 years and someone says they’re going to delete your account, would you pay $100 for it?”
What can you do there?
Some of Honan’s advice may be familiar, but it bears repeating. Passphrases are better than passwords no matter how many letters you cleverly replace with numbers, because they are harder to guess. It’s worth using a password manager, so you can have a unique phrase for each platform you use without having to try to remember them all. And permanently enable multi-factor authentication wherever it’s available, to thwart sneaking scammers.
As for silencing the constant chatter of spam: that’s trickier. “There are third-party tools you can use to filter out spam, but unfortunately it’s kind of like Whac-A-Mole,” Honan says. “For example, I have an iPhone. I received spam this morning, so I manually blocked the number. I won’t receive another message from this number, but they will move on and use one other.
“Your best bet is to use any spam filtering features on your device or platforms, make your online profiles private, and only accept messages from people who are in your circle of trust.” This might not seem like a realistic option to many. But if you want to give yourself a small dose of hope and agency, you can make an effort to report obvious spam to messaging platforms so that their filters learn how to weed it out in the future. And perhaps take comfort in knowing that we’re all doing the same thing: battling in a shared amphitheater to fend off a familiar, everyday annoyance. Guess we got that part-time job after all.