Malicious spam volume hits two year high

According to the Kaspersky Lab Spam and Phishing in Q3 report, the company’s products blocked 73,066,751 attempts to attack users with malicious attachments. This is the largest amount of malicious spam since the beginning of 2014 and is a 37 percent increase compared to the previous quarter. The majority of those attachments were ransomware Trojan downloaders.

malicious spam volume

Number of email antivirus detections, Q1-Q3 2016

After a few relatively stable months, the percentage of spam within global email traffic has increased. The average for the quarter was 59.19 percent, an increase of around two percentage points from the previous quarter, meaning that around six in ten of all emails received are now unsolicited spam. Moreover, the percentage of spam in global email traffic in September hit an all-time high for the year so far at 61.25 percent.

“Spam is often just unwanted advertising, but it has a darker side too. Criminals use spam to distribute malware and exploit users’ vulnerability, convincing them to hand over their money and personal details. The majority of malicious spam emails during the past quarter contained ransomware, which is yet more proof of the rising epidemic of this type of malware. We urge you not to open any suspicious attachments or click on unknown links – the website could be compromised – because all of these can result in device infection,” notes Daria Gudkova, Acting Head of Content Analysis and Research, Kaspersky Lab.

Besides distributing ransomware, in Q3 spammers tried to lure victims into fraud schemes by offering them the chance to test products including expensive household appliances or electronics, such as the recently announced iPhone 7.

The email headers included: “Register to test & keep a new iPhone 7S!” and “Wanted: iPhone 7S Testers!” All people had to do was provide their postal and email addresses, and other personal information, and pay for the postage in return for the products to be sent to them. No guarantees were given and the result was that the fraudsters simply made off with the delivery payments and personal details of their victims.

“Fraudsters often use big new stories to trick people. The iPhone 7 example is just one of many that were used during the quarter. As the saying goes – free cheese is only found in a mousetrap. We urge people to stay vigilant, to treat emails from unknown senders with caution and to make sure in advance that they are using a reliable AV solution,” Gudkova added.

Other significant findings include:

  • India moved to the top of the list of countries generating spam, with 14 percent of spam emails sent from the country. This represents a 4.4 percentage point (p.p.) increase on the previous quarter. Vietnam retained its second place with 11 percent, followed by the USA (8.88%), which moved down from first to third place.
  • Germany remained the target country of choice for spammers, with 13 percent of users affected by spam mailshots, down 1.48 p.p. on Q2. Japan ended the quarter as the second most favored target (8.76%), an increase of 2.36 p.p., while China (8.37%) rounded off the top three, moving down from second place.
  • The Kaspersky Lab anti-phishing system was triggered 37,515,531 times on the computers of Kaspersky Lab users – a 15 percent increase compared to Q2, 2016.
  • The country where the largest percentage of users were affected by phishing attacks was once again China (20.21%), followed by Brazil (18.23%) and UAE (11.07%).
  • Banks topped the ranking of organizations attacked by phishers, with a share of 27 percent, which is a 1.7 p.p. increase on Q2, 2016. Banks were followed by Global Internet portals (21.73%), an increase of 0.8 p.p. and online-shops (12.21%), a 2.82 p.p. increase.