Kaspersky Lab’s latest report – ‘spam and phishing in Q2 of 2015’ – found spam in the second quarter of 2015 was dominated by emails based on real events. ‘Nigerian’ spam emails exploited the themes of the earthquake in Nepal, the presidential election in Nigeria and the Olympics in Rio de Janeiro, in an attempt to extract personal data and voluntary donations from Internet users around the world.
Although the percentage of spam in email traffic decreased by 5.8 per cent from the previous quarter (from 59.2 per cent to 53.4 per cent), Q2 2015 saw a marked increase in the use of world events in spam emails. Some spam included fake messages asking the recipients to make a donation to help the victims of the earthquake in Nepal. In other mass mailings, fraudsters tried to lure recipients with the sum of $2 million, which the newly elected President of Nigeria was allegedly ready to send the user as compensation. Additional mailings included fraudulent notifications of lottery wins for tickets to watch the Olympic Games in Brazil, 2016, in an attempt to persuade recipients to provide fraudsters with personal data to receive their ‘win’.
Tatyana Shcherbakova, Antispam Analyst, Kaspersky Lab, said: “During Q2, 2015 we saw spammers use tragic events to trick users. It’s a tactic that fraudsters have used before, but with events like the Nepalese earthquake being covered so widely in the world’s media, these messages are likely to resonate with sympathetic recipients. To protect themselves, users should not open emails from unknown senders and remember not to click links in these emails, or open any attachments. With some fraudsters trying to make the name and address of the sender look more legitimate, this is more important than ever.”
Countries targeted
In the second quarter of 2015, there was a major change to the top three countries most often targeted by mailshots. Germany (19.59 per cent), which was only fourth in Q1, topped this quarter’s rating – every fifth antivirus detection was registered there. The UK, which headed the rating in Q1 2015, moved down to second position (6.31 per cent) and Brazil settled in third (6.04 per cent).
The USA (5.03 per cent), which was traditionally the country most often targeted by malicious mailshots, was in fourth place. In addition, Russia (4.74 per cent), which came only 10th in the previous quarter, climbed up to fifth position.
Sources of spam by country
The USA (14.59 per cent) and Russia (7.82 per cent) remained the biggest sources of spam. China came third with 7.14 per cent of the world’s spam, compared to 3.23 per cent in the previous quarter. It was followed by Vietnam (5.04 per cent compared to 4.82 per cent in Q1), Germany (4.13 per cent compared to 4.39 per cent in Q1) and Ukraine (3.90 per cent compared to 5.56 per cent in Q1).
Phishing
In Q2 2015, Kaspersky Lab’s anti-phishing system was triggered 30,807,071 times on the computers of Kaspersky Lab users. 509,905 masks of phishing URLs were added to the Kaspersky Lab databases over this period.
The proportion of spam in email traffic
Since the beginning of 2015 there has been a worldwide decline in the share of spam in email traffic, however this has now almost stopped. The second quarter of 2015 has seen this decline stabilise, fluctuating between 53.5 per cent in April and 53.23 per cent in June.
Malicious attachments in email
Trojan-Spy.HTML.Fraud.gen topped the rating of malicious programs sent by email. This program is a fake HTML page which is sent via email, imitating an important notification from a large commercial bank, an online store, or a software developer, etc. This threat appears as an HTML phishing website where a user has to enter his personal data, which is then forwarded to cybercriminals.
