Designer clothes, watches, handbags, fabrics, and even cars abound—but designer ransomware? Yep, it’s here now too. Recent research from SophosLabs, a global network of Internet security researchers and analysts and part of Burlington, Mass.-based Sophos Ltd., points to a growing trend by the black hats to target—or filter out—specific countries when designing ransomware or other nefarious emails.
Seeking to entrap more victims by making threat-carrying spam look and sound more like authentic emails, the research says, cybercriminals have started using regional vernacular, counterfeit company logos, and locally familiar payment methods.
To frighten recipients into action, moreover, the latest malware attacks impersonate local postal companies, tax and law enforcement agencies, and utilities, sending phony shipping notifications, refunds, speeding tickets, and electric bills. At least some criminals have cleaned up their grammar and punctuation too, so you’re less likely to see the telltale misspellings or sentence fragments that make malicious emails easier to spot.
And what about the locales the spammers avoid? Sophos Senior Security Advisor Chester Wisniewski suggests malware writers often steer attacks clear of their own city or country to avoid detection or to misdirect blame to other nations. “It could be national pride or perhaps there’s a conspiratorial undertone to create suspicion about a country by omitting it from an attack,” he says.
Though cybercriminals target Western economies more heavily than other nations, the report states, those economies also have a lower Threat Exposure Rate (TER), which measures malware infections per 1,000 Sophos endpoints in each country.
Based on data collected from January 1 to April 8 this year, the five nations with the lowest TER are the United Kingdom at 2.8 percent, the United States at 3 percent, Australia at 4.1 percent, Canada at 4.6 percent, and France at 5.2 percent. Countries with the highest TER in the same time period include Algeria at 30.7 percent, Bolivia at 20.3 percent, Pakistan at 19.9 percent, China at 18.5 percent, and India at 16.9 percent.
The takeaway for channel pros is this: “You have to look harder to spot fake emails from real ones,” says Wisniewski. “Being aware of the tactics used in your region is becoming an important aspect of security.”