- The proportion of spam in total email traffic in November amounted to 72.5% - almost 10 percentage points higher than in November 2012 when Kaspersky Lab recorded a figure of 62.9%.
- Most malicious attachments were recorded in the UK, with 12.3% of all mail antivirus detections triggered. An increase of 2.4 percentage points over the month saw the UK overtake Germany (11.2%) and the USA (10%).
Malware was primarily used to steal valuable data in November. This involved cybercriminals using fake web pages that imitated those of large commercial organizations, banks and online stores. They also stole banking information directly from users’ computers. Once downloaded to a user device, malicious files would then send themselves to all the email addresses they could find on that device, or download and launch files from the Internet without the victim’s knowledge.
Spammers sent lots of malicious programs disguised as voice messages that were located in ZIP archives. This sort of scam involved a letter that appeared to be sent by Skype, for example. The attached archive contained a spyware program that stole browser cookies, and passwords for FTP clients and email accounts. All the data was then sent to cybercriminals.
In the run-up to the festive season the quantity of Christmas- and New Year-themed spam continued to increase. “In the busy period before the holidays it is worth being especially vigilant when it comes to messages from online stores, booking services as well as banks and payment systems. In the weeks before the holidays there’s a surge in the number of purchases and financial operations made over the Internet, which is why scammers send out more phishing messages in the hope that the recipients aren’t as attentive as usual,” says Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab.
The leading types of organization targeted by phishers were unchanged, with social networks (26.9%), email services (19.2%) and search engines (16.5%) making up the top three. Financial and e-payment organizations (16.1%) remained in fourth place, but the proportion of attacks on these organizations continues to grow – rising in November by 0.7 percentage points. Once again the Australia and New Zealand Banking Group was targeted with phishing pages imitating the organization’s official site.
Tragic events from around the world are almost always exploited by spammers, and the devastating typhoon that hit the Philippines last month was no exception, with scammers sending out so-called Nigerian letters that used the name of the Red Cross to request help for the victims.
Meanwhile, China, whose share increased by 2 percentage points, remained the biggest source of spam. The USA ended November in second place, accounting for 18% of global spam, followed by South Korea (14.5%) and Taiwan (6.7%). Russia (5.4%), whose share grew 1.4 points, remained in fifth place. Experts recorded a slight decrease in the share of spam emanating from Canada (-0.4 percentage points) which resulted in Japan taking its place in the top ten.
The full version of the spam report for November is available at securelist.com.