In August, unsolicited emails made up 67.6% of all global email traffic, according to Kaspersky Lab figures. That’s 3.6 percentage points lower than in July. If that change is linked to the summer vacation season, then it was the most innocuous spammers that left town: the rate of phishing messages rose more than 10 times compared to July, while the volume of spam messages containing malicious attachments rose 2.5 times, accounting for 5.6% of all email traffic.
The vacation season may have been winding down, but cybercriminals kept up a continuous bombardment of fake messages announcing non-existent airline and hotel reservations, with the spammers using some of the biggest names in these industries. For example, booking.com and Delta Air Lines are always an attractive target for spammer attacks; in August, Kaspersky Lab once again recorded mass mailings of scam letters that at first glance appeared to come from those companies. The fact that such messages often look genuine can relax the recipient’s vigilance. They usually prompt the user to open a malicious attachment or follow a link that initiates a file download to the hard drive. In either case, the victim computer is infected with the Tepfer Trojan that steals user credentials.
August also saw a ten-fold increase in the proportion of phishing messages. Kaspersky Lab reported mass mailings that appeared to come from an official Apple address that asked recipients to confirm their iTunes account details by following a link. The favorite target of phishing attacks, however, remains social networks. The names of popular international delivery services, such as FedEx, UPS or DHL, also appear frequently in spam messages. These emails inform potential victims that a parcel cannot be delivered to them for some reason and that in order to collect it they have to print out the file attached to the message and then visit the company’s office or confirm specific data. In some cases the attached files supposedly contain information about the non-existent parcels. Spammers try to make these messages look as genuine as possible, using seemingly legitimate email addresses, providing detailed information about the order, genuine contact data from official sites and copying the relevant confidentiality notifications.
In August, Kaspersky Lab continued to record mass-mailing adverts for online learning courses. This category of spam message had earlier focused mostly on colleges and universities, MA and PhD programs, but in August, prior to the start of the new school year, there were more offers to remotely complete a secondary education for those who had failed to do so on time.
The Top 3 sources of spam remained the same, with China, the USA and South Korea accounting for more than half of all global spam.
"In summer, spam becomes much more dangerous. The number of scam messages increases and so does the number of messages containing malicious attachments," commented Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab. "Remember, it is very rare for reputable organizations to ask you for your private data, to confirm account details without advance notice, or to open email attachments. If this happens, it’s advisable to contact the support line of the organization named in the email, and ask if they actually sent it."
The complete version of the Kaspersky Lab’s August 2013 spam report is available at: Securelist.