A New Kind of Attack: Distributed Spam Distraction

Most of the time, spam that targets a small business is harmless and won't seriously impact cybersecurity. We receive dozens of emails a day, and most of those don't carry malware. Cybersecurity training and awareness should be your first defense. Read on to find out more about these attacks. 

Modern spam attacks try a whole new angle on unsuspecting victims, but the good news is that once you learn how to spot this type of spam attack – called Distributed Spam Distraction (DSD) – it's much easier to deal with it.

What is a DSD email attack?

DSD email attacks don't work like traditional spam. They don't contain malicious attachments or anything else that might infect your computer to harvest credentials or do much worse.

In a worst-case scenario, DSD attacks can last anywhere from half a day to a full 24 hours. During that period alone, a single DSD attack can spam over 60,000 messages to a single inbox.

Sure, this type of spam doesn't hold your data for ransom, waiting for you to get desperate and pay thousands of dollars, but it can be equally frustrating.

Typically, the spam is nothing but a smokescreen to distract you with tens of thousands of emails to conceal alerts for unauthorized purchases or transfers from your bank account

It's a novel tactic and one we have seen an increase in recently.  So it's more important than ever for businesses to take cybersecurity, especially phishing and email security, more seriously in 2021.

How does the scam work?

By any measure, cybersecurity for small businesses is notoriously weak and why hackers like to target them. Many SMB’s don't usually follow basic practices like changing passwords regularly and updating software. Many of these businesses don’t have a dedicated IT professional, or their department is spread too thin to keep up with the plethora of risk management tasks necessary. 

The scam is perpetrated by hackers sending you thousands upon thousands of automated emails, trying to trick you into doing something like signing up for newsletters; only the newsletters are the smokescreen. Once you sign up, hackers can get what they came for: a perfect way to flood an inbox with distractions.

Making matters worse, anyone can go on the dark web, purchase a list of compromised email addresses and credit card numbers, visit an illegal site that provides DSD hacking platforms, and they're off to the races.

DSD attacks are becoming more commonplace as more of us live and work online during the pandemic, so what can you do to fight them?

What to do to protect against DSD attacks?

The first way to protect yourself is to recognize when a hacker has compromised your information, especially personally identifiable information. You might receive dozens upon dozens of emails back-to-back, which is undoubtedly a sign of an ongoing spam attack.

Most of the time, a hacker can only initiate a DSD attack after they've already compromised someone's email address, passwords, or PINs. Still, hackers find new and inventive ways to execute spam attacks every day, so it's essential to have a partner on your side who can help you apply cybersecurity best practices for your business. 

You should also check out our article about Protecting Your Network from Watering Hole Attacks. To learn more about how you can guard against DSD attacks, contact us today! We offer powerful tools and expert advice to keep your business safe, protected online and moving forward.