U.S. users most popular targets for email attackers: Google study

Users in the United States are the most popular targets for email attackers, followed by the United Kingdom and Japan, according to a new Google study that identifies the factors correlating with higher risk as well as patterns among attackers and botnets that distribute phishing and malware emails.

As part of the study which was conducted in collaboration with Stanford University, the researchers aggregated and analyzed all of the phishing and malware campaigns that Gmail automatically blocked over a five-month period to identify patterns. 

According to the study:

• Users in the United States were the most popular targets - accounting for 42% of attacks, followed by the United Kingdom, and Japan which accounted for 10% and 5% of attacks, respectively.
• Most attackers don't localize their efforts, using the same English email template for users in multiple countries.
• Regional attackers: 78% of the attacks targeting users in Japan occurred in Japanese while 66% of attacks targeting Brazilian users occurred in Portuguese.
• Attackers and botnets rely on fast-churning campaigns that are brief and bursty, lasting just one to three days on average. A similar email based on a template is sent to 100–1,000 targets on average.
• These small-scale campaigns accounted for over 100 million phishing and malware emails, in aggregate, in a single week, targeting Gmail users around the globe.

Further, the study also analyzed the factors that correlate with a heightened risk of attack using an anonymization technique called "k-anonymity". Here's what the study found:

• Email or other personal details exposed in a third-party data breach increased the odds of being targeted by phishing or malware by 5X.
• The geographic location of users also affects the attack risk. For instance, in Australia, users faced 2x the odds of attack compared to the United States.
• Demographics: The odds of experiencing an attack was 1.64X higher for 55- to 64-year-olds, compared to 18- to 24-year-olds.
• Socioeconomic factors: Mobile-only users experienced lower odds of attack: 0.80X compared to multi-device users

"Every day, we stop more than 100 million harmful emails from reaching Gmail users. Last year, during the peak of the pandemic crisis we saw 18 million daily malware and phishing emails related to COVID-19. We wanted to explore what factors influence being targeted by email phishing and malware and whether higher-risk users are adopting the strongest protections we have to offer," Google wrote in a blog post.