Unsolicited emails made up 67.6 per cent of all global email traffic in August, according to Kaspersky Lab, 3.6 percentage points lower than in July. If that change is linked to the summer holiday season, then it was the most innocuous spammers that left town: the rate of phishing messages rose more than ten times compared to July, while the volume of spam messages containing malicious attachments rose 2.5 times, accounting for 5.6 per cent of all email traffic.
The holiday season may have been winding down, but cybercriminals kept up a continuous bombardment of fake messages announcing non-existent airline and hotel reservations, with the spammers using some of the biggest names in these industries. For example, booking.com and Delta Air Lines are always an attractive target for spammer attacks; in August, Kaspersky Lab once again recorded mass mailings of scam letters that at first glance appeared to come from those companies. The fact that such messages often look genuine can relax the recipient’s vigilance. They usually prompt the user to open a malicious attachment or follow a link that initiates a file download to the hard drive. In either case, the victim computer is infected with the Tepfer Trojan that steals user credentials.
August also saw a ten-fold increase in the proportion of phishing messages. Kaspersky Lab reported mass mailings that appeared to come from an official Apple address that asked recipients to confirm their iTunes account details by following a link. The favourite target of phishing attacks, however, remains social networks.
The names of popular international delivery services, such as FedEx, UPS or DHL, also appear frequently in spam messages. These emails inform potential victims that a parcel cannot be delivered to them for some reason and that in order to collect it they have to print out the file attached to the message and then visit the company’s office or confirm specific data. In some cases the attached files supposedly contain information about the non-existent parcels. Spammers try to make these messages look as genuine as possible, using seemingly legitimate email addresses, providing detailed information about the order, genuine contact data from official sites and copying the relevant confidentiality notifications.
In August, Kaspersky Lab continued to record mass-mailing adverts for online learning courses. This category of spam message had earlier focused mostly on colleges and universities, MA and PhD programmes, but in August, prior to the start of the new school year, there were more offers to remotely complete a secondary education for those who had failed to do so on time.
The Top three sources of spam remained the same, with China, the USA and South Korea accounting for more than half of all global spam.
“In summer, spam becomes much more dangerous. The number of scam messages increases and so does the number of messages containing malicious attachments,” commented Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab. “Remember, it is very rare for reputable organisations to ask you for your private data, to confirm account details without advance notice, or to open email attachments. If this happens, it’s advisable to contact the support line of the organisation named in the email, and ask if they actually sent it.”
The complete version of the Kaspersky Lab’s August 2013 spam report is available at: securelist.
About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.co.uk
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report "Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.