Kaspersky Lab Finds For the Fourth Year in a Row that Login Information is Most Targeted by Malicious Email Spam
OREANDA-NEWS. Kaspersky Lab found that for the fourth consecutive year, malicious programs designed to steal account logins, passwords and other confidential data remain the most widespread type of malware distributed by email spam. Findings from the Kaspersky Security Bulletin: Spam in 2014 show that the most common malicious spam is often distributed via phishing email and is designed to look like a web page where users are asked to enter confidential data.
Additionally, the Kaspersky Lab experts found that the proportion of spam in email was 66.8 percent in 2014, which is 2.8 percent lower than the previous year. The reduced level of spam emails could be related to the fact that the advertising of legal goods and services is migrating to more effective legal platforms. Additional findings from the report include:
- The largest proportion of malicious emails (9.8%) targeted users in the USA. The UK was in second place (9.6%) followed by Germany (9.2%).
- The biggest source of spam was the USA (16.7%), followed by Russia (5.9%) and China (5.5%).
- The top three organizations whose brand identities were most often used in phishing attacks were Yahoo! with 23.3 percent, Facebook with 10 percent and Google with 8.7 percent of the attacks.
- 42.6 percent of phishing attacks targeted global portals that integrate many services accessed via a single account, for example, Google, Yahoo! or Yandex.
- The country with the highest proportion of users targeted by phishers was Brazil, where 27.5 percent of all Kaspersky Lab customers in the country faced an attack. Australia was second with 23.8 percent and India and France were close behind with 23 percent each.
Mobile spam
Spam mailings imitating emails sent from mobile devices are becoming very popular. Kaspersky Lab found emails like this in several languages. They target iPad, iPhone, Samsung Galaxy and other models and had one thing in common – very short (or non-existent) text and a signature reading “Sent from my iPhone.” Typically, these messages contain links to malicious attachments.
Fake notifications from mobile applications
Often, spam mass mailings imitate notifications from different mobile applications such as WhatsApp and Viber. Since there are many cross-platform apps and synchronization of contact data between apps is common, consumers often don’t think twice about receiving an email notification from a mobile messenger application. But this is a mistake: these mobile applications are not connected to the email account, which proves that such emails are fake.
“Fake bank notifications are among the most common types of malicious spam or phishing attacks. Recently, we have seen noticeable changes in the structure of some phishing email. In 2014, spammers began to complicate the design of fake messages by adding more links to official resources and services of the organizations from which they claim to be sending their bogus notifications. Obviously, the attackers hope that an email with a few legitimate links would be recognized as legitimate by users and spam filters alike. Meanwhile, the email contains a single fraudulent link that either redirects users to a phishing site or downloads a malicious archive,” said Maria Vergelis, Spam Analyst at Kaspersky Lab.
About Kaspersky Lab
Kaspersky Lab is the world’s
largest privately held vendor of endpoint protection solutions. The company is
ranked among the world’s top four vendors of security solutions for endpoint
users*. Throughout its more than 17-year history Kaspersky Lab has remained an
innovator in IT security and provides effective digital security solutions for
large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company
registered in the United Kingdom, currently operates in almost 200 countries
and territories across the globe, providing protection for over 400 million
users worldwide.
Комментарии