Kaspersky Lab’s latest report – ‘spam and phishing in Q2 of 2015’ – reveals spam in the second quarter of 2015 was dominated by letters based on real events.
Spam ‘Nigerian’ letters exploited the themes of the earthquake in Nepal, the presidential election in Nigeria and the Olympics in Rio de Janeiro, in an attempt to extract personal data and voluntary donations from Internet users around the world.
Although the percentage of spam in email traffic decreased by 5.8 percentage points from the previous quarter (from 59.2% to 53.4%), Q2 2015 saw a marked increase in the use of world events in spam emails. Some spam included fake messages asking the recipients to make a donation to help the victims of the earthquake in Nepal. In other mass mailings, fraudsters tried to lure recipients with the sum of $2 million, which the newly elected President of Nigeria was allegedly ready to send the user as compensation. Additional mailings included fraudulent notifications of lottery wins for tickets to watch the Olympic Games in Brazil, 2016, in an attempt to persuade recipients to provide fraudsters with personal data to receive their ‘win’.
Tatyana Shcherbakova, Antispam Analyst, Kaspersky Lab said, “During Q2, 2015 we saw spammers use tragic events to trick users. It’s a tactic that fraudsters have used before, but with events like the Nepalese earthquake being covered so widely in the world’s media, these messages are likely to resonate with sympathetic recipients. To protect themselves, users should not open emails from unknown senders and remember not to click links in these emails, or open any attachments. With some fraudsters trying to make the name and address of the sender look more legitimate, this is more important than ever.”
In the second quarter of 2015, there were major changes in the top three countries most often targeted by mailshots. Germany (19.59%), which was only fourth in Q1, topped the quarter’s rating – every fifth antivirus detection was registered there. The UK, which headed the rating in Q1 2015, moved down to second position (6.31%) and Brazil settled in third (6.04%).
The USA (5.03%), which was traditionally the country most often targeted by malicious mailshots, was in fourth place. In addition, Russia (4.74%), which came only 10th in the previous quarter, climbed to fifth position.
The USA (14.59%) and Russia (7.82%) remained the biggest sources of spam. China came third with 7.14% of the world’s spam, compared to 3.23% in the previous quarter. It was followed by Vietnam (5.04% compared to 4.82% in Q1), Germany (4.13% compared to 4.39% in Q1) and Ukraine (3.90% compared to 5.56% in Q1).
In Q2 2015, Kaspersky Lab’s anti-phishing system was triggered 30,807,071 times on the computers of Kaspersky Lab users. 509,905 masks of phishing URLs were added to the Kaspersky Lab databases over this period.
There has been a worldwide decline in the share of spam in email traffic since the beginning of the year but that has almost stopped. In the second quarter of 2015 it stabilized, fluctuating between 53.5% in April and 53.23% in June.
Trojan-Spy.HTML.Fraud.gen topped the rating of malicious programs sent by email. This program is a fake HTML page which is sent via email, imitating an important notification from a large commercial bank, an online store, or a software developer, etc. This threat appears as an HTML phishing website where a user has to enter his personal data, which is then forwarded to cybercriminals.