[LINK] Research: Gmail accounts are used in 91% of all baiting email attacks
Craig Sanders
cas at taz.net.au
Sat Dec 18 14:47:01 AEDT 2021
On Fri, Dec 17, 2021 at 12:10:30PM +0000, Stephen Loosley wrote:
> “Gmail accounts are used in 91% of all baiting email attacks”
>
> By Bill Toulas November 11, 2021 https://www.bleepingcomputer.com/news/security/gmail-accounts-are-used-in-91-percent-of-all-baiting-email-attacks/
>
> Bait attacks are on the rise, and it appears that actors who distribute this
> special kind of phishing emails prefer to use Gmail accounts to conduct
> their attacks.
In my experience, outlook.com is almost as common as gmail.com for this kind
of spam.
As well as easy signup for spammers, one other reason why these domains
are used is that they are unlikely to be blacklisted entirely. Many will
block particular addresses @ those domains, but very few will blacklist the
entire domains. They're "too big to block", it would result in far too many
false-positives.
There are, however, often patterns in the headers or body of the spams that
can be used to reject or quarantine them....almost all of what gets through my
SMTP 5xx reject stage filters gets caught by my spamassasin rules.
craig
More information about the Link
mailing list