What is snowshoe spam?

Featured image

Share this article

What is snowshoe spam? - Paubox

Snowshoe spam is a type of email spam that spammers send from many IP addresses and domains to avoid being caught by spam filters. Instead of sending their spam from a few IP addresses that can be easily identified, snowshoe spammers use multiple IP addresses and send smaller batches of spam from each one.

This, in fact, is how snowshoe spam got its name. Just as a snowshoe distributes your body weight across a larger surface area and allows you to stay on top of the snow, snowshoe spamming disperses the unwanted, unasked-for emails across many IP addresses and domains in order to avoid detection.

How snowshoe spam works

Snowshoe spammers craft spam emails that look legitimate. These emails often include required components, such as unsubscribe options, but snowshoe spammers do not follow up on opt-out or unsubscribe requests. Instead, they use fake Whois information and false business names to disguise their intent. They may also include links that trigger a malware attack or create an email breach that leads to a costly and damaging HIPAA violation.

Once the email spam is ready to send, snowshoe spammers use a variety of tactics to avoid being caught. They use multiple IP addresses and domains to send the email spam. They also change the domains and IP addresses frequently to dilute their reputation metrics and avoid being blacklisted. Snowshoe spammers sometimes create fake subdomains that include the name of a well-known business to convince recipients to open the email and click on links inside.

Once an employee clicks on one of the email links, it is too late to stop a malware attack.

The risks of snowshoe spam

While some snowshoe spam is annoying but not dangerous, threat actors also create snowshoe spam that carries malware. These emails are a threat to the healthcare industry because they can cause data breaches, spread computer viruses, or shut down a provider’s entire computer network until an expensive ransom is paid.

SEE ALSO: To pay or to not pay for stolen data

This type of cyberattack is on the rise, according to the FBI’s Internet Crime Complaint Center (IC3). The IC3’s 2020 Internet Crime Report points out that business email compromise (BEC) attacks reached record levels in 2020, with associated adjusted losses of $1.8 billion.

The healthcare industry is particularly vulnerable to snowshoe spam attacks because it stores valuable protected health information (PHI), often using legacy devices that should have been updated long ago. In addition, healthcare employees work long hours in high stress situations. Under these conditions, it is easy for threat actors to use social engineering to entice healthcare workers to click on a link in a spam email, triggering a malware attack or allowing access to PHI.

Paubox Email Suite Plus combats snowshoe spam

Strong email security is key to preventing snowshoe spam from landing in employees’ email inboxes. Paubox Email Suite Plus not only allows covered entities to send HIPAA compliant email by default, but it also includes inbound email security features that block malware-carrying email spam.

Paubox Email Suite Plus comes with ExecProtect, a patented feature that prevents snowshoe spammers from sending display name spoofing emails that appear to come from your CEO or senior managers.

Paubox Email Suite integrates with Google Workspace, Microsoft Exchange, or Microsoft 365 and delivers emails directly to patients’ inboxes without requiring a portal or password. Doctors can do business as usual without changing their work routines.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Chloe Bowen

Read more by Chloe Bowen

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022