The average amount of spam in 2017 decreased to 56.63%, down 1.68% from 2016. However, the amount of phishing increased by 59% in 2017 as compared to 2016. This and other interesting revelations came to the fore in a report by Kaspersky Lab titled- Spam and Phishing in 2017. It found that cybercriminals used hot topics like FIFA 2018 and bitcoin to fool users and steal their money.
“Spammers have shown themselves to be thoughtful actors, instantly monitoring global issues and major events worldwide with one main purpose – to capture and capitalize on their victim’s attention,” wrote Kaspersky.
The cybercriminals sent fraud messages saying that during such-and-such lottery held by a recognized organization, the recipient won the lottery among the million others. Other than money, users were promised free tickets to competitions and events. The details were usually attached in a file using official event and sponsor logos.
Bitcoin was a trending topic in 2017 because of drastic increase in its price value, reaching almost $20,000. Other hot topics in the year remained natural disasters like hurricanes Harvey, earthquake in Mexico, and popular sport events like Olympics and FIFA.
The spammers also used terms like earn-from-home schemes, cryptocurrency services with great opportunities, and demanded some investment to unveil the openings. CryptoLocker, whose creators demanded payment in bitcoin, was found in spam mails less often than in 2016.
Spam emails with malware were also sent to steal passwords from cryptocurrency wallets. According to the report, 40% of spam emails were less than 2 KB in size.
Kaspersky said that its Anti-Phishing system was triggered 246,231,645 times on the computers of Kaspersky Lab users in 2017, an increase of 91,273,748 from an year earlier.
“In 2017 we saw a slight decrease in spam activities, but throughout the year, spammers haven’t missed any reason to steal users’ personal information, keeping their eyes on what’s happening in the world. As sports events such as the upcoming FIFA World Cup and others take place, their activity will only increase,” said Darya Gudkova, spam analyst expert, Kaspersky Lab. “Moreover, in 2018 we expect further development and growth of cryptocurrency-related spam and phishing – with more cryptocurrency diversity besides Bitcoin, which was widely used in the previous year, and with ‘pump and dump’ schemes.”
Most of the spam was generated from USA (13.21%), followed by China (11.25%), Vietnam (9.85%), with India, Germany, Russia, Brazil, France and Italy, among top 10 spam generating countries. While China used spam to market goods internationally, India offered IT services like web design, SEO etc. to spread spam.
Germany (16.25%) was the most targeted country by malicious mails, followed by China, Russia, Japan, UK, Italy, Brazil, Vietnam, France, and UAE. Of all the victims of phishing, 15.9% were the unique users.
The most concerning finding of the report was that scammers used sites with SSL Certificates, which ensure users that the site is safe. However, the truth is cybercriminals use free 90-day certificates from leading certificate authorities like Let’s Encrypt or Comodo. Attackers mostly utilized services that do not monitor user posted content regularly. It was found that phishing content was placed on free hosting sites of famous companies by the attackers as then, they locate themselves on a reputable domain with a good SSL certificate.
The Punycode encoding technique too was highly used to attack users. It is imperative that a site visitor checks the spelling of domain name, but it has become extremely difficult as with Punycode encoding, phishers mask phishing domains under the domain names of recognized brands. For example, attackers used paypàl.com to fool users in the name of well-known paypal.com.
For detailed Kaspersky report, visit- https://securelist.com/spam-and-phishing-in-2017/83833/
Images source: Kaspersky Lab