The few months has seen a growth in malicious spam targeting user logins, passwords and confidential information, according to a Kaspersky Lab report. The report also revealed that while the volume of spam was down by 2.4 percentage points, the proportion of malicious spam grew more than 1.5 times.
Compared to the previous quarter, Q3 2013 saw the level of phishing emails increase threefold. Trojan-Spy.HTML.Fraud.gen topped the rating of the most popular malicious program spread by email. This malware is designed to look like an html page used as a registration form for online banking services and is used by phishers to steal financial information.
The third quarter of 2013 was full of newsworthy events which grabbed public attention, such as the birth of the royal baby in the UK, the FBI hunt for Edward Snowden and the railway accident in Spain. All this news was used by fraudsters to distribute malware. The links contained in these emails led to compromised websites which redirected users to a page with one of the most popular exploit kits – Blackhole. In October, the author of Blackhole, known as Paunch, was arrested in Russia. What this will mean for the future of the kit remains unclear, but Kaspersky Lab experts suggest it could lead to a drop in the number of malicious “news” mailings.
“In the third quarter we came across a very interesting mass mailing where the fraudsters imitated a reply from the technical support service of a large antivirus company. The email informed the user that a file which he had allegedly sent for analysis turned out to be malware. The ‘technical support engineer’ attached a ‘signature’, advising that it would disinfect the computer. However, if users opened the attachment, they would find a malicious program detected by Kaspersky Anti-Virus as Email-Worm.Win32.NetSky.q.,” commented Darya Gudkova, Head of Content Analysis & Research at Kaspersky Lab.
There was little change in the leading spam sources by country in Q3. The location of botnets appears to be relatively stable, or at least there is a lull in the active relocation of botnets. Asia remained the number one regional source of spam (56.51 per cent). It was followed by North America (20.09 per cent) and Western Europe (13.47 per cent).
The full version of the spam report for Q3 2013 is available at securelist.com.
About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.co.uk
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report "Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.