While cryptocurrency holders search for new investment opportunities and ways to increase their savings, and enthusiasts look to learn more about the benefits of going cashless, malicious users are also looking for ways to capitalize on the popularity of the blockchain phenomenon. Multiple blockchain-themed fraud schemes exploiting the hype around the technology have been spotted in the wild recently, according to Kaspersky Lab’s “Spam and phishing in Q3 2017” report.
For several months, spammers have been showing increased ingenuity, with their activities proving that they are monitoring the latest trends and global developments in cryptocurrencies. Based on blockchain technology, cryptocurrencies have become an attractive target for cybercriminals, who have been successfully and inoffensively targeting their victims through web-mining. Alongside this, during the past three months, Kaspersky Lab researchers have also detected an increase in spam activities related to cryptocurrency. According to the “Spam and phishing in Q3 2017” report, criminals have been using several successful tricks to fool users and steal their money.
Fraud schemes, based on cryptocurrency trading, have been prevalent over the last quarter. In one such scenario users receive an email invitation to install special software for trading in the cryptocurrency market, but when they click on the link, they are redirected to different websites promoting investments options, including binary options trading. By doing this, cybercriminals hope that users will be enticed to invest more and more money, and transfer currency to a trading account which they own. However, for the victim there is no guarantee that it will lead to something, or they will get their money back. This type of fraud scheme is similar to a casino set-up, and aims to provoke users to bid until they have nothing left, leaving the cybercriminal with everything.
More primitive, but no less effective, tactics used to exploit victims include the distribution of emails offering to transfer money to a specific crypto wallet, where the user receives their money back with interest. But of course, that never happens. Users initially transfer money to an unknown wallet and the cybercriminal cashes in.
Another fraud scheme, discovered by Kaspersky Lab researchers in Q3, was in the form of offering to help users learn more about cryptocurrencies and how they could benefit from them. This underhand tactic aimed to exploit a lack of understanding about blockchain technology and how cryptocurrencies work. Criminals advertised educational workshops via email that would help users enhance their knowledge and skills around cryptocurrency and learn about investment opportunities. With a high price tag, users were duped into paying and believing this was a legitimate advert. However, the money paid to receive such advice would only end up enriching someone else’s wallet, not the user’s knowledge. Because usually such workshops promoted via spam are quite expensive, and imply more of advertising than real knowledge.
“While in the second quarter of the year we observed the WannaCry spam and phishing attacks, in the past three months we have witnessed criminals actively exploiting the popularity and interest around cryptocurrency. This once again shows that the most reliable way to target victims is by utilizing current trends and cashing in on an emerging market which users are still getting to grips with and keen to explore. There is no doubt that attacks in this form will continue, so it is extremely important for users to pay careful attention, be vigilant and keep up to date when it comes to global phenomenon”, said Darya Gudkova, Spam Analyst Expert at Kaspersky Lab.
Along with the growth of blockchain scams, the average amount of spam has increased to 58.02%, which is 1.05 percentage points higher than Q2. According to the report, peak spam activity was in September, at 59.56%.
In addition, during the third quarter of the year researchers detected an increase in phishing attacks by 13 million - the Kaspersky Lab Anti-Phishing system was triggered 59,569,508 times on the computers of Kaspersky Lab users. At the same time, criminals have been focusing more on using messenger applications on mobile devices to carry out popular, online scams.
The proportion of spam in email traffic, Q2 2017 vs Q3 2017
Other important trends and statistics in Q3, highlighted by Kaspersky Lab researchers, include the following:
- China became the most popular source of spam, overtaking the Vietnam and U.S. Others in the top 10 include India, Germany, Brazil, France, Poland, Islamic Republic of Iran.
- The country most targeted by malicious mailshots was Germany. The top target of the previous period, China, came second, followed by Russia, Japan and Italy.
- The largest percentage of users affected by phishing was in Brazil (19.95%), the same as the previous quarter. Overall, 9.49% unique users of Kaspersky Lab products worldwide were attacked by phishing.
- The main targets of phishing attacks remained the same since the beginning of the year. They are primarily in the financial sector and include banks, payments services and online stores.
Learn more about spam and phishing in Q3 2017 on Securelist.com.
Kaspersky Lab recommends home users install a reliable secure solution to detect and block spam and phishing attacks, such as Kaspersky Total Security.
Businesses are recommended to use security solutions with dedicated functionality aimed at detecting and blocking phishing, malicious attachments and spam. Small businesses can protect themselves with Kaspersky Small Office Security and Kaspersky Endpoint Security Cloud, while larger companies can benefit from real-time cloud-assisted anti-spam scanning of all messages, with the Kaspersky Security for Mail Server application inside Kaspersky Total Security for Business.
To ensure we continue to provide the highest levels of protection to our customers, in 2018, Kaspersky Lab will introduce Kaspersky Security for Office 365, a new Security-as-a-Service offering that provides award-winning protection from spam, phishing and malware, for Exchange online in Microsoft Office 365. The product is currently in public beta, and will be free until February 2018.