The proportion of spam in total email traffic in November amounted to 72.5 per cent – almost 10 percentage points higher than in November 2012, when Kaspersky Lab recorded a figure of 62.9 per cent. Most malicious attachments were documented in the UK, with 12.3 per cent of all mail antivirus detections triggered. An increase of 2.4 percentage points over the month saw the UK overtake Germany (11.2 per cent) and the USA (10 per cent).
Malware was primarily used to steal valuable data in November. This involved cybercriminals using fake web pages that imitated those of large commercial organisations, banks and online stores. They also stole banking information directly from users’ computers. Once downloaded to a user device, malicious files would then send themselves to all the email addresses they could find on that device, or download and launch files from the Internet without the victim’s knowledge.
Spammers sent lots of malicious programs disguised as voice messages that were located in ZIP archives. This type of scam involved a letter that appeared to be sent by Skype, for example. The attached archive contained a spyware program that stole browser cookies, and passwords for FTP clients and email accounts. All the data was then sent to cybercriminals.
Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab says: “In the busy period before the holidays it is worth being especially vigilant when it comes to messages from online stores, booking services, banks and payment systems. In the weeks before the holidays there’s a surge in the number of purchases and financial operations made over the Internet, which is why scammers send out more phishing messages in the hope that the recipients aren’t as attentive as usual.”
The leading types of organisation targeted by phishers were unchanged, with social networks (26.9 per cent), email services (19.2 per cent) and search engines (16.5 per cent) making up the top three. Financial and online payment organisations (16.1 per cent) remained in fourth place, but the proportion of attacks on these companies continues to grow – rising in November by 0.7 percentage points. Once again, the Australia and New Zealand Banking Group was targeted with phishing pages imitating the organisation’s official site.
Tragic events from around the world are almost always exploited by spammers, and the devastating typhoon that hit the Philippines last month was no exception, with scammers sending out so-called Nigerian letters that used the name of the Red Cross to request help for the victims.
China, whose share increased by 2 percentage points, remained the biggest source of spam. The USA ended November in second place, accounting for 18 per cent of global spam, followed by South Korea (14.5 per cent) and Taiwan (6.7 per cent). Russia (5.4 per cent), whose share grew 1.4 points, remained in fifth place. Experts recorded a slight decrease in the share of spam emanating from Canada (-0.4 percentage points) which resulted in Japan taking its place in the top ten.
The full version of the spam report for November is available at securelist.com
