In Q2 2016, the average level of spam emails in overall email traffic equaled 57.3 per cent, according to the quarterly report on Spam and Phishing by Kaspersky Lab. This is a four per cent increase compared to Q2 2015, and one per cent increase in comparison to the previous quarter. The US elections, especially news about one particular candidate – Donald Trump – became the new hot spam topic this quarter.
During the past quarter, political topics were among one of the most interesting for spammers. The upcoming US elections and the candidates involved gave fraudsters a good opportunity to target users. Donald Trump became the one of the main topics for the majority of spam emails related to politics. In these emails, spammers told their targets about Mr. Trump’s unique methods of making money and invited them to copy Mr. Trump with their own business. To learn more, users were invited to click on the link in the email. The link led to a fake news portal with an article about how Mr. Trump made his money. To start making money themselves, users had to fill in their personal information in the online form on the webpage. The user earned no money, but cybercriminals obtained sensitive data. Among other hot topics of the quarter were the Olympic Games in Brazil, with both spammers and phishers earning money from sports fans.
Facebook accounts were brought under attack during the past quarter, with an intimate YouTube video posted on behalf of a number of compromised Facebook accounts. When trying to play the video, users were invited to install a browser plug-in entitled ‘Profesjonalny Asystent’ which is the Latin transliteration of the Russian phrase “Professional Assistant”. The message on the screen stated that without installing the plug-in users would not be able to watch the video. Yet, after installation, the malicious plug-in received the right to read all of the data in the browser, including saved passwords, logins, credit card details and other confidential information.
An unusual anomaly in the volume of malicious spam traffic was discovered in Q2 – from 1 June to 21 June, when the company’s experts registered a tremendous decrease in malicious spam email campaigns. During that time, there was a 20-fold drop in the average number of spam emails with zip archives, compared to the overall average for the quarter. At the same time, the Necurs botnet mysteriously reduced its fraudulent activities. Kaspersky Lab experts don’t have solid proof that these two events are connected, but it is likely. Several sources on the web reported that the operators behind the Necurs botnet experienced some technical issues resulting in an outage. These problems were apparently quickly fixed, as after 21 June the malicious spam email flow recovered, along with the botnet operations.
Other notable figures in Q2 include:
- The USA retained its position as the largest source of spam, sending 10.79 per cent of unwanted emails. Nevertheless, the percentage of spam email campaigns from this country is constantly decreasing. In Q2 2015, for example, it equaled 14.59 per cent.
- With 10.10 per cent of spam emails campaigns sent from Vietnam, this country took second place in the source of spam ranking, followed by India (10.01 per cent). The same quarter in 2015 showed a completely different picture, when Russia (7.82 per cent) took second place and China came third with 7.14 per cent of the world’s spam.
- Germany retained its position as the country most targeted by malicious mailshots. 14.69 per cent of Kaspersky Lab product users in the country received spam emails in their mailboxes. In Q2 2015 Germany was also at the top of the list with 19.59 per cent.
- Germany was followed by China (13.6 per cent) and Japan (6.4 per cent). The same quarter in 2015 was also led by Germany, followed by Great Britain (6.31 per cent) and Brazil settled in third place (6.04 per cent).
- The Anti-Phishing system was triggered 32,363,492 times on the computers of Kaspersky Lab users. In Q2 2015, the system was triggered 30,807,071 times, which is almost a five percent increase.
- The largest percentage of users affected by phishing attacks was in China (20.22 per cent) followed by Brazil (18.63 per cent) and Algeria (14.3 per cent). It is worth noting that the percentage of affected users in Q2 2015 was lower, the top three countries were: Brazil (9.74 per cent), India (8.3 per cent) and China (7.23 per cent). The numbers doubled compared to the same quarter of 2015.
“Spammers are quite frequently trying to use breaking news and speculate on famous people. Donald Trump was not an exception. Users should be aware of this and remain vigilant in order to mitigate their risk. We also see that social networks are highly attractive for spammers and phishers. If one of your friends is starting to behave differently online and sending provocative links or even tag you or one of your friends under suspicious posts, it’s likely his account has been compromised. Do not click on those links and do not install any software that the system might suggest. Common sense can prevent nearly all infections of this type. In addition, think twice before opening attachments in emails, the risk of infection to your computer is very high”, – warns Daria Gudkova, Spam Analysis Expert, Kaspersky Lab.
In order to stay safe and not fall into the fraudsters trap, we encourage you to stay wise while you are online. Do not click on the links and allow the installation of any plugins from suspicious online recourses. In addition, do not disable the Anti-Phishing and Anti-Spam components on your security solutions.
Read the full Spam and Phishing Report in Q2 2016 at Securelist.com.
