US Gmail users are most popular targets for email phishing and malware attacks

Third-party data breaches also make users more attractive targets for cyber attacks

Gmail users in the United States are the most popular targets for email phishing and malware attacks, according to Google research.

The company conducted a study to identify the factors that place a user at increased risk of attack in email phishing and malware campaigns. It worked with researchers at Stanford University to analyse all phishing and malware campaigns that Gmail blocked over a five-month period: more than 1.2 billion attacks.

The findings revealed a variety of factors - such as geographical location, demographics and the number of devices used - that can significantly influence the risk of users being targeted.

Google found that Gmail users in the United States were the most popular targets - accounting for 42 per cent of attacks recorded in the five-month period - followed by users in the UK and Japan, who accounted for 10 per cent and 5 per cent of attacks, respectively.

Attackers don't want to spend time localising their efforts, the study suggested, and instead use the same email template (usually in English) to target users in multiple countries.

However, there was some evidence of localisation. 78 per cent of the attacks targeting users in Japan were in Japanese, while 66 per cent of attacks targeting Brazilian users were written in Portuguese.

The researchers noticed patterns among attackers and botnets distributing phishing and malware emails. The botnets usually relied on fast campaigns lasting for just one to three days. These attacks used similar types of messages based on a template, and were sent to between 100 and 1,000 targets on average. In a single week, these campaigns accounted for over 100 million malicious emails targeting Gmail users worldwide.

Users whose email ID or other details were exposed in an earlier third-party data breach were five times more likely to be targeted in phishing or malware attacks, according to the study.

Users' age also plays a role in targeted attacks, with individuals in the 55-64 age group being more than 1.6 times as likely to receive a phishing attack as 18- to 24-year-olds.

The study also revealed that 'compared to users who use multiple types of devices, users who own only a personal computer face slightly lower odds of targeting (0.90) and mobile-only users face even lower risks of attack (0.80)'.

This may be due to socioeconomic (SES) factors, as attackers are more likely to target wealthier groups that usually own more than one device.