The percentage of fraudulent emails received by users rose sharply in the third quarter of 2011, reaching 2 percent of all received spam emails. Kaspersky Lab warns users to be on the lookout for phishing scams targeting online gamers, scams impersonating official government organizations, and supposed notifications from popular companies such as McDonald’s saying that the user has won a prize.
Emails carrying malicious attachments imitated notifications from delivery services such as DHL and UPS, or were emails sent by “Nigerian” frauds starting with sentences like “I am indeed sorry for contacting you through this means. However, I understand that the Internet has been insulted by scam and fraud stars who try to rip off people of their hard earn money. But I am a Muslim woman and I cannot lie to anyone because it is against my religion.”
There was also a particular type of malware-laden email that looked as if it contained an encrypted message or had not been displayed correctly.
The spammers counted on users’ curiosity to get them to open the attached file in search of answers.
“In Q3 2011 we came across spam emails containing links to legitimate web resources but, at the same time, carrying an SQL injection,” add the researchers. “Once a user followed the link he entered a site vulnerable to SQL injections, from where he was redirected to the spammer’s online store.”
Google cloud services also remain a popular choice for spammers, because they allow malicious links to be slipped in without being detected by filters.
All in all, the news is not good. Even though the percentage of spam mixed with legitimate email traffic has fallen almost 3 percentage points since the previous quarter, a recent short spike seems to indicate we are at the beginning of another rise of spam – something that is not wholly unexpected given that the holiday season is upon us.
“The average percentage of spam with malicious attachments reached a record-breaking high of 5.3% throughout Q3,” point out the researchers, who theorize that this spike could be attributed to the summer holiday season and the ‘second wave’ of the global economic crisis.
“We expect further growth in the amount of the partner spam in the next quarter if the situation surrounding the world economy remains uncertain. This not only refers to spam containing malicious attachments and adult content but also to other partner program spam such as pharmaceutical goods, counterfeit goods and cut-price software,” they conclude, and add that users should be extra careful of “Nigerian” scams. “If the economy shows no sign of recovery, more people will be ready to take even some of the more outlandish money-making opportunities at face value – and the ‘Nigerian’ spammers will take full advantage.”