In May, the percentage of spam in email traffic was down 2.5 percentage points and averaged 69.7%. The experts at Kaspersky Lab noted a very slight increase in the share of phishing emails compared with April, while malicious attachments were detected in 2.8% of emails, an increase of 0.4 percentage points from the previous month. In a bid to persuade users to open these attachments, spammers imitated legitimate notifications from popular Internet services and logistics companies such as Amazon, UPS or Western Union. As expected, social networking sites remained the most attractive target for phishers.
Most of the world's spam originated from two countries - China (21.4%) and the United States (16.3%). South Korea completed the top three – its contribution continued to grow and reached 12% in May.
Spammers continued to exploit national holidays in the US - Mother's Day and Memorial Day - to advertise goods and services. After Valentine’s Day, Mother’s Day is the second most active holiday for spam mailings, and the quantity of spam from "flower" partner programs increases dramatically in the preceding days and weeks.
Our experts warn that not all of this holiday-related spam is a harmless inconvenience: users’ personal data - including banking credentials - may be the spammer’s main target. For instance, a number of phishing messages were sent in May disguised as Microsoft customer service support emails with the specific aim of stealing personal data.
The messages, which at first glance appear to come from the perfectly legitimate microsoft.com domain, stated that the user's "Microsoft Window" records would be suspended due to updates –supposedly recommended in earlier messages – not being installed. Recipients are told to immediately follow the link in the email to avoid any disruption. Users who fell for the scam ended up on a phishing site specially crafted to steal personal information.
Other mass mailings contained fraudulent notifications of wins in a non-existent lottery that was supposedly organized by Microsoft. In some mailings the scammers sent notifications about the supposed win and asked recipients to contact them for more information, while other messages promised huge sums of money while asking for a small payment to cover the costs of processing the winnings.
As the summer holiday season gets underway, experts anticipate a further increase in the number of fake notifications sent allegedly on behalf of well-known companies.
“We advise caution if you receive a notification from any service. Remember that official mailings never ask customers to enter and confirm personal or banking information via links contained in emails. Nor do they threaten to block customer accounts. Never click on a link if your antivirus program or a browser has blocked it. Pay close attention to the links in the message. If the link indicated in the email leads to an unofficial site or if the text of the email shows the address of the official website while the link leads to another page, this is a clue that you may have a phishing email in front of you. If you have any doubts about the authenticity of the email, contact the customer support of the organization which supposedly sent the email and find out whether this mass mailing really was sent out,” says Darya Gudkova, Head of Content Analysis & Research at Kaspersky Lab.
The full version of the spam report for May 2013 is available at securelist.com.