Black Friday: Festival for AI-generated spam and phishing

Black Friday, Cyber Monday, and the weeks leading up to them are peak season for bargain hunters. Criminals are particularly active when numerous online shops are already advertising special offers.
"If you receive an email with a temptingly favorable offer, you might not take a close look or become careless. It's easy to fall into a trap that you would have recognized with a little more time for reflection," warns Arne Allisat, Head of Email Security at mail.com. "Especially now in the bargain season, it's important to keep calm when shopping online. No deal can be so cheap or so exclusive that you should jeopardize your digital identity for it."

The email provider mail.com has registered an increase of AI-generated spam. "The latest developments in artificial intelligence have kept our spam defenses noticeably busy in recent months," explains Arne Allisat. "On the one hand, there are now AI-supported tools on the darknet that make it particularly easy to send spam. These tools can be used to set up a spam server or a phishing page almost fully automatically. Although this spam is usually clumsy and easy for us to recognize, the volume is increasing significantly. On the other hand, we are seeing an increase in text quality in phishing emails: new language AI models such as ChatGPT help criminals formulate better and tailor their messages more individually to the recipients."

Spam trends 2023: Parcel services, vouchers and war-related emails

Fake emails from parcel senders are one of the top spam trends throughout the year. They give the impression that, for example, a customs fee still has to be paid for the delivery of a shipment from Amazon, FedEx, UPS, etc.. A link in the email takes the recipient to a payment portal to pay a fee. In this way, the online criminals not only get the money, but also obtain credit card details or logins for online payment services. During as Black Friday approaches, you should pay particular attention to suspicious emails from parcel services. The safest way to check the status of an order is directly on the website or in the delivery service's app.
Screenshots of phishing mails from parcel service and bank
Phishing mails are often fake messages from parcel services or financial institutions

A second scam is anti-virus spam. Victims receive an alarming email stating that their computer is infected with a virus. Renowned antivirus software manufacturers appear as the sender. A link in the email is then used to download and install a program to remove the alleged virus. This is then the actual malware that infects the user's computer.

Many spam emails relate to current topics such as the war in Ukraine. Fake vouchers for online shops or prize notifications are also common. The link to the order often conceals a virus or a phishing form that the online criminals use to obtain payment details or logins for shopping platforms.
Screenshots of phishing mails from aid organization and Target
Phishing related to the Ukraine war is newer, but fake gift cards are a classic scam

Training personal spam filters helps all users

Thanks to system filters in mail.com, the vast majority of spam and phishing emails end up in users' spam folders. Should an unwanted message nevertheless make it into the inbox, users should use it to train their personal spam filter:
"Every mailbox has its own filter system. If an email is not simply deleted from the inbox but marked as spam, the system recognizes that I don't want any more messages from this sender in future," explains Head of Email Security Arne Allisat. "At the same time, our filters learn that spam is being sent from a particular sender. With this information, we can also protect other users."

About mail.com

mail.com is one of the top free email portals in the United States, with its data center located in Lenexa, Kansas. The company offers its consumer and business users an unparalleled selection of more than 100 brand-neutral email addresses related to a broad variety of topics such as business, geographic location and personal interests. mail.com also provides online office solutions and cloud applications. Options such as mobile apps, browser add-ons and mail collector make it easy for users to access and manage their email accounts. With state-of-the-art internet security and careful adherence to customer privacy requirements, mail.com strives for optimum performance.mail.com is a member of the listed United Internet AG, Europe’s leading internet specialist.

28 people found this article helpful.

Related articles

Black Friday: Up to 20 percent more spam

The “Hi Mom!” phishing scam: How to recognize and avoid it

Spear phishing: Understanding email attacks