A vast spam wave is sweeping across the world, sparking fears that cybercriminals are testing a new tool that’s destined to become a major threat to businesses and consumers in 2021.
It was discovered by researchers at Vade Secure, a global leader in email security, which protects and monitors one billion inboxes around the world, giving it an unparalleled ability to observe emerging threats or trends. It observed a huge surge in the number of spam emails flooding into inboxes of customers in Italy, France, Denmark and the US.
One company was hit by 300,000 spam emails in just one day, forcing it to shut down affected accounts and reset credentials. This is a costly endeavour, with each support call estimated to cost ISPs between €20 and €70.
The spam wave is unique because emails are deposited into inboxes, bypassing protection layers. Vade Security suspects the criminals are using a tool called Email Appender, which was first identified by Gemini Advisory in October 2020 and can be purchased on the Dark Web on a subscription basis.
Email Appender allows a cybercriminal to validate compromised account credentials, configure a proxy to avoid IP detection, draft a malicious email and then simply deposit the spam into compromised users’ accounts.
Adrien Gendre, Vade Secure’s Chief Product and Services Officer, said: “The emergence of Email Appender as a subscription is a warning sign of what’s to come in the Cybercrime-as-a-Service space.”
Click below to share this article
