Global volumes of phishing emails dropped significantly in 2013 compared with 2012 – but that's only because today's phishing attempts are smaller and better-targeted, according to security vendors offering end-of-year warnings about 2013's most risk-prone emails and celebrities.
Recent analysis by Websense found that China and Hong Kong had joined the ranks of the top 10 phishing countries for the first time in 2013, while the US lost its rank as the number-one source of phishing emails for the first time.
Country of origin was only one telltale sign, however: five types of subject headings could be taken as telltale signs of phishing emails, Webse noted. These include:
1. Invitation to connect on LinkedIn
2. Mail delivery failed: returning message to sender
3. Dear
4. Comunicazione importante
5. Undelivered Mail Returned to Sender
Those telltale phishing subject lines may be a sure fire indication that something strange is going on, but they're not the only way for users to identify potentially malicious emails.
A ranking of the most 'dangerous' celebrities – those whose names are most often used in spam and phishing attempts in order to pique recipients' interest – found that Jennifer Aniston's name was used in 19 percent of all spam messages that include celebrity names.
Rihanna was a close second at 16 percent, while Selena Gomez was mentioned in 13 percent of jump emails.
Interestingly, not all celebrities were linked with the same types of phishing attacks. For example, Aniston's and Rihanna's names are regularly linked with sexual and pornographic content while Selena Gomez's name is used to advertise plastic surgery and purported 'free' online concerts from phishing sites that in reality collect personally identifiable data.
“The scams go so far that sometimes, celebrities are declared dead and allegedly photographed beaten or involved in hideous sex scandals,” Bitdefender e-threat analyst Loredana Botezatu said in a statement.
“The messages promise scandalous pictures or videos only to make users open attachments and click links to infect their devices with malware, expose them to inappropriate content or steal sensitive into right under people’s noses.”
Other popular celebrity phishing bait includes Miley Cyrus, Scarlet Johansson, Marilyn Monroe, Katy Perry, Beyonce Knowles, Sandra Bullock and Eminem.
Movies are also popular lures to get users to click on phishing mails, with Gravity the most popular and 12 Years a Slave, Insidious and The Avengers filling out the top four.
Follow @CSO_Australia and sign up to the CSO Australia newsletter.