Phishing and malicious attachments on the increase

Spam volume has dropped in August, but with the level of phishing increasing tenfold and malicious attachments being found in 3.4 percent more emails when compared with July, spam has obviously became much more dangerous, says Kaspersky Lab.

Some topics for August spam runs were predictable (“Back to School” and Labor Day), others were those topical all year around (medical and sports spam, car sales).

China still tops the list of worldwide spam sources (21 percent of all spam), with USA (19 percent) and South Korea (15.4 percent) coming second and third.

It’s interesting to note that the most widespread malware delivered via attachments is Trojan-Spy.html.Fraud.gen, a piece of malware that “appears in the form of HTML pages which imitate the registration forms of well-known banks or e-pay systems and are used by phishers to steal user credentials for online banking systems.”

The top ten list (expectedly) includes four different ransomware variants belonging to the same family (Blocker). They function by blocking the victims’ computer and asking them to pay money to have it unlocked.

Three worms – one functioning as a malware downloader, one as redirector to fraudulent sites, and the third one as email harvester and backdoor – have also made the list, as well as a variant of the Zeus banking Trojan.

“The vacation season may have been winding down, but the scammers kept up a continuous bombardment of fake messages announcing non-existent airline and hotel reservations, with the spammers using some of the biggest names in these industries,” the researchers shared.

Fake notifications purportedly coming from popular international delivery services such are also still delivering malware.

“August saw a decline in business activity so spammers got fewer orders for advertising and enthusiastically switched to fraudulent messages,” they also pointed out. “As a result, the percentage of phishing emails in global spam traffic increased tenfold compared with July, reaching 0.013%.”

The information the phishers were after were social networking account credentials (nearly 30 percent), email and IM login credentials (17 percent), search engines (16 percent), followed by financial and e-pay services, IT vendors, telephone and ISPs, etc.

Apple customers were heavily targeted during August, with fake emails ostensibly coming from “Apple Security”, urging users to “confirm” their account information within 48 hours. Unfortunately, those who fell for it had their Apple ID and password to their account compromised.

“During the summer, spam becomes more criminalized and the number of fraudulent messages containing malicious files increases,” the researchers explained the results, chalking the considerable drop in the total number of spam emails to the annual decline in business activity during the summer period.

“However, in September when business activity starts recovering this interest will pass from social networking sites back to financial institutions and the number of attacks on the banking sector will increase. At the same time, the proportions of fraudulent and malicious mailings will most likely decrease,” they concluded.

Don't miss