Spammers Get to Work: Tuesday is Prime Time

Written by

All in a week’s work: According to new research from IBM X-Force, Tuesday is the biggest day for spam.

It makes sense. Like any professional, spammers do their research and know Tuesday is a key day for email marketing—with 20% more opens than average, according to HubSpot.

“Contrary to the stereotype, a cyber-criminal is not necessarily a lonely guy living in his parent’s basement,” IBM X-Force spokesperson said. “Many work an eight-hour, Monday to Friday grind like you and me, sending 83% of their spam during weekdays and dropping off significantly on weekends. 85% of the malicious spam attachments deliver ransomware, which can lock data files until a ransom is paid.”

Looking at the hour range during which most spam was sent out, IBM X-Force observed a hike right around 5 a.m. Coordinated Universal Time (UTC) during weekdays, which is only 1 a.m. on the US East Coast.

“That’s because spammers start off with Europe before they follow the sun and start spamming recipients in the US,” explained Limor Kessem, IBM X-Force researcher. “The big drop in spam comes at around 8 p.m. UTC, or 4 p.m. EST, but some spamming lingers thereafter, likely only in the US at that point.”

In the different zones on the globe, X-Force data also showed that spammers like to get their sleep at night, even though there was an undercurrent of some spam activity that persists 24 hours a day.

This trend coincides with the focus of different malware families, such as banking trojans and ransomware, to target organizations and not just indiscriminate users on their email accounts. Trojans such as Dridex, TrickBot and QakBot are cybergang-owned malware designed to rob business bank accounts. As such, these gangs make sure to spam employees in very pointed bouts of malicious mail, during those times in which potential new victims are more likely to open incoming email.

While the threat of spam is real and growing—volume increased 400% last year and almost half of spam analyzed by IBM contained a malicious attachment—there are ways to avoid being duped.

While spam filters are not foolproof, they are a first line of defense, often freely available in the email client, and help to reduce the number of malicious emails that make it from the spammer’s outbox to an inbox. When one does see spam, instead of unsubscribing from spam emails—which will confirm to the spammer that the address is alive—users should mark it as junk and set up the automatic emptying of their junk folders.

If spammers are most active on Tuesday, consumers and workers should be, too: Take into consideration the spammer’s working habits.

And as always, if an email looks too good to be true, it probably is. Users should be very discerning when it comes to which attachments they open and the links they click in emails. They should check for misspellings and grammar mistakes, as well as suspicious hyperlinks or abnormal sender addresses, as these are common indicators that the sender is not what he/she seems.

What’s hot on Infosecurity Magazine?