In February 2017, Radicati Group estimated that the number of email users globally stood at 3.7 billion, while the number of emails sent per day (in 2017) was about 269 billion.
I do not know how they collated these statistics, but I know Radicati Group, is one of the leading companies in the world that provide qualitative and quantitative research on security, social media, emails etc.
Mathematically, let’s say 205 billion emails are sent per day that means almost 2.4 million emails are sent every second and some 74 trillion emails are sent per year.
Apparently, this is a big market for hackers who keep sending malicious emails every now and then. We see these attacks increase on daily basis.
In a survey carried by AlienVault, over a third of the respondents said their executives have fallen victim to a CEO fraud email, and over 80 percent believed their executives could fall for targeted phishing scams in the future.
According to PhishMe, there was significant increase in the number of phishing emails embedded with ransomware payloads over the course of Q1 2016.
While as at March, 93% of the phishing emails the anti-phishing vendor, collected were all intended to infect victims with ransomware.
Practical Example of a Malicious Email
One of my peers was shown a red flag by unknown hackers and it was amazing he was able to figure it out quickly and got it averted.
When he narrated his ordeals and posted it on Quora, requesting for suggestions and professional advice from experts, thus, he was lucky to get a response from a cybersecurity expert.
The Challenge: I just received an alert email coming from @fiserve.com saying my password on my bank (it named my bank correctly) account was changed. And stupid me panicked and went to my bank and checked my login, which I got a message from the site saying it is currently down.
The email came to my Gmail account and there were no attachments. How did they know my bank account and can I receive a virus from simply looking at the email? Could there have been a virus already on my computer?
The Solution: “First all (I know it good as I worked for one of their competitors), the genuine financial company is Fiserv and not Fiserve,“ Mattia Campagnano, InfoSecPro,CyberSecurity&Forensics
This should already raise a red flag for you.
They hope you click the attached link so they can steal your financial information.
I’m pretty sure the email is poorly written and full of grammar and spelling errors, which means it was sent by somebody who’s not English mothertongue and who barely speaks it (Russian, Nigerian mob or who knows…).
Bottom line: don’t fall for it, flag it as Spam, scan your system and call it a day,” he concluded.
Conclusion
Finally, here are some of the takeaways from these series of cases, in other words, a few things you must do when you receive suspicious emails:
•Crosscheck and verify all web links before you click any of them
•Be cautious emails that sound threatening or coercing you, even if you are certain of the sender.
•Only open attachments you clearly requested.
•Any email that does not address you by your name especially emails from someone you know should be verified and investigated.
•Always use an encrypted email service and if you must send private information, start a fresh email chain