Spam accounted for 66.9 per cent of all email traffic in the third quarter of 2014, according to an IT security product company.
The launch of iPhone 6, and the Ice Bucket Challenge, were the two main topics that spammers used to promote junk mailings in the third quarter. This is one of the main conclusions from Kaspersky Lab’s research into the landscape of spam threats. The US (14 per cent of spam), Russia (6.1 per cent) and Vietnam (6 per cent) were the three biggest sources of spam in that third quarter of the year.
The ranking of malicious attachments detected by Kaspersky Lab products in spam was topped by Trojan.JS.Redirector.adf – a Trojan that redirects users to a malicious page. This malware scored 2.8 per cent of detections reported by mail antivirus. Andromeda malware, which hands criminals stealthy control over victim PCs, led the ranking of the most widespread malicious family: almost 12.35 per cent of all malicious software detected by Kaspersky Lab technology in spam belongs to this family. Second place is held by the Zeus/Zbot family that targets online banking users, with 10.59 per cent of detections by mail antivirus.
Phishing that targeted online financial services accounted for 38.23 per cent of all detections registered by Kaspersky Lab products. That is 13.39 percentage points more than in the previous quarter. Phishing against banks showed the highest growth rate in the financial category. The vast majority of phishing detections in the payment systems category were targeting users of PayPal (32.08 per cent), Visa (31.51 per cent) and American Express (24.83 per cent).
Spammers were keen to exploit the popularity of the Apple iPhone smartphone, and that influenced the topics they chose in the third quarter. Criminals started sending out unwanted messages about the iPhone 6 long before the official presentation was held by Apple at the beginning of September. The new smartphone was offered as a prize for different marketing contests and surveys. There were also fraudulent mailings offering big discounts on the official price of the new model. Of course none of these offers had any truth in them; they were solely used to attract users to a fraudulent scheme or a web service that the spammers wanted to promote.
Phishers were also keen to capitalise on interest in the iPhone. Different campaigns throughout the whole quarter used the Apple brand, and each news story involving the company and its products was pounced upon by the fraudsters. The IT firm saw several instances where a rapid increase in Apple-related phishing detections could be linked to the launch of new products, such as new MacBooks (end of July) and iPhone 6 (beginning of September).
Fraudsters also actively reacted to the news of celebs being hacked online, a story that reportedly involved Apple cloud services being compromised. Interestingly, this is very typical behavior for fraudsters, says the IT firm, whose staff registered an increase in detections on product launch dates.
The Ice Bucket Challenge (IBC), asking participants to douse themselves with cold water and make donations to Project ALS, an organisation that fights Amyotrophic lateral sclerosis, was another big topic for criminals. In the last quarter the IT product company detected malicious spam mailings inviting victims to watch the video of another IBC participant. However the attachments in these messages contained the malicious Backdoor.Win32.Androm.euop program allowing criminals to take control of the compromised computer.
Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab, said: “Although we’ve seen a small decrease of the amount of spam in email traffic, some warning trends are still clear. We detected a lot of malicious attachments targeting users’ private data, including financial information, and the number of detections of phishing web pages that target users’ money grew significantly. We expect that these trends will continue into the fourth quarter.”
More about spam in the third quarter on Securelist.com.
