Case Studies

World Cup popular for spam

by Mark Rowe

In the first quarter of 2014, the Sochi Winter Olympics were the most popular sporting theme for spammers; in Q2 they switched their attention to the FIFA World Cup in Brazil, according to an IT security product company.

Analysis of spam developments in the second quarter (Q2) of 2014 by Kaspersky Lab found a growth in unsolicited correspondence and new cybercrime tricks. The percentage of spam in all email traffic during the second quarter of the year came to 68.6 per cent, up 2.2 percentage points from the previous quarter. The US tops the rating of the most popular spam sources, accounting for 13.4 per cent of junk mail sent worldwide. Russia came second, accounting for six per cent of world spam, followed by Vietnam in third place (five per cent).

This theme was actively exploited not only for advertising, but also malicious or just fraudulent football-related phishing emails as registered by Kaspersky Lab. In Q2 2014, we saw a new wave of spam advertising offers to buy stock in small companies. This was part of a well-known form of stock fraud called ‘pump and dump’ – spammers buy shares in small companies, artificially inflate the prices by spreading information so that they will significantly increase in value in the near future and then sell the shares at a higher price.

The changes in the list of most widespread malicious attachments reflect the growing interest among cybercriminals in users’ money. The HTML phishing website where a user is asked to enter his personal data and which is then forwarded to cybercriminals maintains its leading position. However, second place is now occupied by a banking Trojan primarily targeting the online customers of Brazilian and Portuguese banks. Noticeably, the top ten malicious programs most frequently used in email included four representatives of the Bublik family which often download the notorious ZeuS/Zbot (also designed to steal banking data) to users’ computers.

Brands target

Cybercriminals often mask spam with malicious attachments in emails from well-known organisations – delivery services, stores, social networks. In Q2, the Starbucks chain of coffee house became their most popular target. The message claimed that one of the recipient’s friends, who requested anonymity, had allegedly made an order for him at Starbucks. To view the menu, find out the address and the exact time that the order was available, the recipient had to open the attachment, an executable file that the cybercriminals hadn’t even bothered to mask.

Darya Gudkova, Head of Content Analysis & Research at Kaspersky Lab, said: “It is clear that scammers have begun to use every opportunity to intercept the most valuable user data – credentials to access online banking systems and payment information. More than half of the most popular attachments in spam now contain Trojans whose goal is to steal users’ money. The proportion of such messages may seem insignificant, but in absolute figures it is millions of malicious emails and the only reliable protection against them is an effective Internet security class solution.”

The full version of the spam report for Q2 2014 is available at Securelist: https://securelist.com/analysis/quarterly-spam-reports/65755/spam-and-phishing-in-q2-2014/.

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing