According to Kaspersky Lab’s “Spam and Phishing in 2017” report, over the last 12 months criminals have been following the global agenda, using hot topics such as FIFA 2018 and Bitcoin to fool users and steal their money or personal information.
Spammers have shown themselves to be thoughtful actors, instantly monitoring global issues and major events worldwide with one main purpose: to capture and capitalize on their victims’ attention. Kaspersky Lab’s ongoing research on spam and phishing activities confirms that the methods used by spammers are effective, due to users’ decreased attention and increased unconditional trust. These factors combined mean that people are more likely to follow false instructions.
While the world was intensively preparing for FIFA 2018 last year, spammers were actively spreading related emails. They sent victims fraudulent messages bearing official logos of the event, including organizer and sponsor brand information, notifying users about lottery wins and even promising free tickets.
Another hot spam and phishing topic in 2017 was cryptocurrency, as Bitcoin’s price drastically increased. Kaspersky Lab researchers had previously recorded a growth in blockchain-themed tricks in the third quarter of 2017. By the end of the year, an extensive arsenal of spammer tools was noted.
According to Kaspersky Lab’s discoveries, criminals have been using tricks such as websites disguised as cryptocurrency exchanges or fake services offering cloud mining (i.e. the use of specialized data centers for rent). In all cases, users became victims, losing money instead of earning any profit. In more traditional fraud schemes, such as fake lottery winnings, criminals have also started to use Bitcoin as bait. In addition to targeted address databases advertised through spam, databases with emails for cryptocurrency users have also been offered for purchase, promising great opportunities.
Moreover, criminals have distributed different types of malware in spam emails, under the guise of utilities for earning Bitcoins or instructions for cryptocurrency trading. Importantly, however, Cryptolockers, whose creators demanded a Bitcoin ransom, were detected in spam emails less often than in the previous year.
Overall, the average amount of spam in 2017 decreased to 56.63 percent, which is 1.68 percent less than in 2016. At the same time, the number of phishing attacks increased – the Kaspersky Lab Anti-Phishing system was triggered 246,231,645 times on the computers of Kaspersky Lab users, which is 59 percent higher than in 2016.
Darya Gudkova, spam analyst expert, Kaspersky Lab, said:
“In 2017 we saw a slight decrease in spam activities, but throughout the year, spammers haven’t missed any reason to steal users’ personal information, keeping their eyes on what’s happening in the world. As sports events such as the upcoming FIFA World Cup and others take place, their activity will only increase.
Moreover, in 2018 we expect further development and growth of cryptocurrency-related spam and phishing - with more cryptocurrency diversity besides Bitcoin, which was widely used in the previous year, and with 'pump and dump' schemes.”
Other important trends and statistics in 2017, highlighted by Kaspersky Lab researchers, include the following:
- The most popular source of spam was the USA (13.21 percent), followed by China (11.25 percent) and Vietnam (9.85 percent). Others in the top 10 include India, Germany, Russia, Brazil, France and Italy.
- The country most targeted by malicious mailshots was Germany (16.25 percent), showing a slight increase (2.12 percent) compared to 2016. Others in the top 10 include China, Russia, Japan, the UK, Italy, Brazil, Vietnam, France and the UAE.
- The largest percentage of users affected by phishing was in Brazil (29.02 percent). Overall, 15.9 percent of unique users of Kaspersky Lab products worldwide were attacked by phishing.
Kaspersky Lab recommends home users install a reliable security solution, such as Kaspersky Total Security, which is able to detect and block phishing attacks and spam in standalone email clients.