Not logged in » Login
Mar 31 2015

Financial Data Still Under Threat, Says Kaspersky Spam Report

Kaspersky Lab's spam report for 2014 points out ongoing trends in the list of the most widespread malware attacks and fraud schemes. Unsurprisingly, cyber crooks most often tried to milk their victims for financial information and account details for the fourth year on end, using spam and phishing mails to steal logins, passwords and other confidential data needed to grab money or order goods from financial institutions or online shops.

Bogus bank notifications remain the fraudster favorite, with recent noticeable changes in the structure of some phishing email, says Kaspersky's analyst team. "In 2014, spammers began to complicate the design of fake messages by adding more links to official resources and services of the organizations from which they claim to be sending," they write in their Spam in 2014 report, which outlines new methods, such as embedding just one fraudulent link with in a row of legitimate ones in an attempt to deceive both spam filters and users.

Last year's malicious spam – 74.5% of which were only up to 1 KB in size – can be summarized statistically: The proportion of spam in email flows sank slightly since 2013 by 2.8% to 66.8% in 2014, a fact the Kaspersky researchers ascribe to a new trend among advertisers who have been "abandoning spam in favor of more effective legal advertising platforms."

Unfazed by this setback, spammers nevertheless intensified their efforts to distribute more ads via SMS and popular IM services like WhatsApp, Viber, using traditional spam mailings to search for new customers. Both the attackers producing malicious spam and their potential victims in target groups are partly concentrated in just a few highly industrialized countries: during the observation period, 16.7% of all malicious spam originated in the US, another 5.9% in Russia, and 5.5% in China. For the third consecutive year, considerable target groups for traditional malicious spam mails were based in the US (9.8%), the UK (9.6%), and Germany (9.2%).

While spam is undoubtedly a major inconvenience, most users and organizations have successfully deployed filter programs and rigid email policies to mitigate possible risks. Phishing attacks on the other hand are often less easy to avert, which is why Kaspersky's researchers devoted the second part of their spam report to this topic. The findings differ significantly from those of the first part: In 2014, 42.6% of all phishing attacks worldwide targeted global portals (formerly listed as email providers) that offer access to multiple services through one single account. Among these platforms, Yahoo was the most popular victim, attracting 23.3% of all assaults, followed by Facebook and Google, which accounted for 10% and 8.7% of the onslaughts respectively. With Yahoo and its peers being hounded like that, it's probably less of a surprise to find that Kaspersky's experts observed a decrease in financial phishing attacks, which dropped from 31.5% in the previous year to 28.7% in 2014. Along with these changes, there was also a shift among the countries and nationalities that fell victim to phishing attacks: nearly one fifth of all raids (17.3%) occurred in Russia, and the number of affected users was the highest in Brazil, with roughly 27.5%.

Kaspersky's researchers expect all these trends will continue throughout 2015. For detailed descriptions of the most popular spam and phishing schemes and suggestions for protective measures, please see the full report at the company's Securelist website.


Comments on this article

No comments yet.

Please Login to leave a comment.


Please login

Please log in with your Fujitsu Partner Account.


» Forgot password

Register now

If you do not have a Fujitsu Partner Account, please register for a new account.

» Register now