According to the Kaspersky Lab Spam and Phishing in Q3 report, the company’s products blocked 73,066,751 attempts to attack users with malicious attachments. This is the largest amount of malicious spam since the beginning of 2014 and is a 37% increase compared to the previous quarter. The majority of those attachments were ransomware trojan downloaders.
After a few relatively stable months, the percentage of spam in the global email traffic increased. The average for the quarter was 59.19%, an increase of around two percentage points on the previous quarter, meaning that around six in ten of all emails received are now unsolicited spam.
Moreover, the percentage of spam in global email traffic in September hit the yearly maximum and equaled 61.25%.
“Spam is often just unwanted advertising, but it has a darker side too. Criminals use spam to distribute malware and exploit users’ vulnerability, convincing them to hand over their money and personal details. The majority of malicious spam emails during the past quarter contained ransomware, which is yet more proof of the rising epidemic of this type of malware. We urge you not to open any suspicious attachments or click on unknown links – the website could be compromised – because all of these can result in device infection” notes Daria Gudkova, Acting Head of Content Analysis and Research, Kaspersky Lab.
Besides distributing ransomware, in Q3 spammers tried to lure victims into fraud schemes by offering them the chance to test products including expensive household appliances or cutting-edge electronics, such as the recently announced iPhone 7.
The email headers included: “Register to test & keep a new iPhone 7S!” and “Wanted: iPhone 7S Testers!” All users had to do was provide their postal and email addresses and other personal information, and pay for the postage. In return the products would be sent to them. No guarantees were given and the result was that the fraudsters simply made off with the delivery payments and personal details of their victims.
“Fraudsters often use big new stories to trick people. The iPhone 7example is just one of many that were used during the quarter. As the saying goes – free cheese is only found in a mousetrap. We urge people to stay vigilant, to treat emails from unknown senders with caution and to make sure in advance that they are using a reliable AV solution,” added Gudkova.
Other significant findings in the Spam and Phishing in Q3 2016 report include:
India moved to the top of the list of countries generating spam, with 14.02% of spam emails sent from the country. This represents a 4.4 percentage point (p.p.) increase on the previous quarter. Vietnam retained its second place with 11.01%, followed by the USA (8.88%), which moved down from first to third place.
Germany remained the target country of choice for spammers, with 13.21% of users affected by spam mailshots, down 1.48 p.p. on Q2. Japan ended the quarter as the second most favored target (8.76%), an increase of 2.36 p.p., while China (8.37%) rounded off the top three, moving down from second place.
The Kaspersky Lab anti-phishing system was triggered 37,515,531 times on the computers of Kaspersky Lab users – a 15% increase compared to Q2, 2016.
The country where the largest percentage of users were affected by phishing attacks was once again China (20.21%), followed by Brazil (18.23%) and UAE (11.07%).
‘Banks’ topped the ranking of organizations attacked by phishers, with a share of 27.13%, which is a 1.7 p.p. increase on Q2, 2016. ‘Banks’ were followed by ‘Global Internet portals’ (21.73%), an increase of 0.8 p.p. and ‘online-shops’ (12.21%), a 2.82 p.p. increase.