Interviews

Spam month

by Mark Rowe

Despite the increased share of phishing attacks on online stores, the most frequently attacked category of organisation was still social networking sites (23.5 per cent) according to a survey of spam by the IT security product firm Kaspersky Lab. In March, users of LinkedIn risked giving away their personal data as a result of phishing scams. There were also many malicious attachments sent on behalf of various well-known financial organisations. These attachments often contained malware that stole browser cookies or passwords for email programs and sent the data to a remote server run by cybercriminals.

Phishing

Social networks were once again the organisations most frequently used in phishing attacks. March saw cybercriminals compromise LinkedIn, a business-oriented social network with 200 million members all over the world. A mass mailing with a St. Patrick’s Day theme offerd users a free premium account with the networking site. To enter the account the recipient had to click a link that led to a phishing page rather than to the official LinkedIn site. The login and password entered by the user were forwarded to the fraudsters.

Second after social networks was the email and instant messenger services category (16.6 per cent). The share of search engines (14.4 per cent) and financial and online payment organisations dropped by two and 3.5 percentage points respectively, resulting in search engines leapfrogging financial services into third place. The proportion of phishing attacks on online stores grew by 8.9 percentage points, moving that category up two places to fifth (12.8 per cent).

The most widespread malicious email attachments in March:

· Trojan-Spy.HTML.Fraud.gen – a fake HTML page sent to users by email disguised as an important message from large commercial banks, online stores, software companies etc.
· Aspxor network worm – automatically infects websites, downloads and executes other software, and collects valuable data on the computer.
· Email-Worm.Win32.Bagle.gt – an email worm that sends copies of itself to all email addresses found on an infected computer. The worm also downloads files from the Internet without the user’s knowledge.
· Zbot Trojan that specialises in stealing confidential information.
· The Bublik family of Trojan downloaders – downloads malicious files to user machines and then launches them.
· The Andromeda family of backdoors that allows cybercriminals to secretly control infected computers and add them to botnets.

Maria Vergelis, Spam Analyst at Kaspersky Lab said: “Suppose you get a notification about undeclared income or a message stating that a previously filed tax return was fake. The temptation to find out more is bound to be great, which is why many recipients open the attachments in emails like these. Instead of a financial report, the attachment usually contains a Trojan that steals personal information. Cybercriminals are very resourceful and are constantly coming up with new ways to trick users. Any messages from unknown senders, no matter how important they may seem, should be treated with a lot of skepticism.”

Sources of spam by country

China was the leading spam source with 24.6 per cent of all distributed spam, an increase of 1.7 percentage points from the previous month. The US was second (17 per cent; a decrease of 2 percentage points). South Korea came third having spread 13.6 per cent of the world’s spam, 0.8 percentage points more than in February. These three countries accounted for over half of all spam sent worldwide.

Mail antivirus detections by country – top three

US (12 per cent), UK (9.8 per cent) and Germany (9.1 per cent).

Proportion of spam in email traffic

The percentage of spam in global email traffic in March decreased by 6.4 percentage points and averaged 63.5 per cent.

The full report is available at securelist.com: http://www.securelist.com/en/analysis/204792333/Spam_report_March_2014

Related News

  • Interviews

    Ambition for women

    by Mark Rowe

    Michelle Bailey, the Managing Director of South Yorkshire-based Active Response Security, featured in our September 2016 print issue and was among the…

  • Interviews

    Vetting comment on Angiolini

    by Mark Rowe

    Lady Elish Angiolini’s recommendations as part of the Sarah Everard inquiry look set to fail, writes Matrix Security Watchdog’s Susie Thomson, pictured.…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing