Last updated on April 17, 2014 at 15:37 EDT

Spam in Q2 2013: More Offices in Danger from Targeted Plausible Fakes

August 21, 2013

ABINGDON, England, August 21, 2013 /PRNewswire/ –

In Q2, the percentage of spam in total email traffic increased by 4.2 per cent from
the first quarter of 2013 and came to 70.7 per cent. The percentage of phishing emails in
global mail traffic fell by 0.0016 per cent and came to 0.0024 per cent. These figures are
among the results of Kaspersky Lab’s [http://www.kaspersky.com ] email traffic analysis
for Q2 2013.

Main Trends in Q2

Many emails with malicious attachments
[http://www.kaspersky.co.uk/internet-security-center/threats/malicious-tools ] were
addressed to corporate users this past quarter. These emails were disguised as
auto-replies, i.e., delivery failure notifications, or notifications of the arrival of an
email, fax, or scan. Malicious users expect corporate employees to skim over the details,
assume the email is legitimate and open the attachment – releasing a malicious program.

One unusual feature in Q2 was the distribution of eCards with malicious attachments.
In the past, these were a common sight at every major holiday, but lately malicious eCard
sightings have been few and far between. However, this past quarter, Kaspersky Lab again
detected these malicious mailings, this time targeting the prominent American greeting
card company Hallmark.

Malicious eCards weren’t the only long-forgotten tactics detected by Kaspersky Lab
[http://www.kaspersky.com ] in this period. In Q1 2013, one of the tricks used by spammers
was “white text,” which is essentially random text added to the bottom of an email.
Readers do not notice this because the colour of the text is the same as the background
colour. The idea is to persuade spam filters that the unwanted message is a newsletter.
This quarter, spammers used more or less the same trick; they added random text, but this
time they didn’t even bother to make it “invisible”. Instead it was merely separated from
the main body of text with a large number of empty lines. All of the texts were taken from
various news stories. For example, while an email might start out with a colourful
photograph advertising a certain product or service, if the recipient scrolled all the way
to the bottom, he would find an small-print excerpt from a news story on Hugo Chavez, the
Boston Marathon, or the conflict in Korea.

Statistics for Q2

The countries which most actively send spam
[http://www.kaspersky.co.uk/internet-security-center/threats/spam-phishing ] remain the
same, although their percentages have changed slightly: China is down by 1.2 per cent, the
US is down by 0.9 per cent, and South Korea’s percentage is lower by 3 per cent.

The majority of spam emails are still very small, weighing in at under 1KB. Over the
second quarter there were 4.8 per cent more of these small emails, and they made up 73.8
per cent of all spam mails.

The amount of malicious attachments in the second quarter was 1 per cent lower than in
the first, coming to 2.3 per cent of all mail traffic. Among the threats spread by email,
the most prevalent families are those designed to steal data to access user accounts
(usernames and passwords), particularly for online banking services.

The percentage of phishing
[http://www.kaspersky.co.uk/internet-security-center/threats/spam-phishing ] emails in
total mail traffic during the second quarter this year fell by 0.0016 per cent and came to
0.0024 per cent.

There were few changes in the range of organisations targeted by phishing attacks in
the second quarter. The number of attacks launched against social networks fell by 3.3 per
cent, and the percentage of attacks against financial organisations increased by 1.2 per
cent, pushing that category into second place in the ratings.

More and more often these days, phishers are reluctant to rely solely on the human
factor and are less willing to wait for users to enter their own data. Instead, malicious
users are now sending out malicious emails seeded with Trojans that steal usernames and
passwords, including for online banking accounts.

Malicious attachments aren’t only found in emails masquerading as forms for Facebook
and other popular online resources – they can also be found in emails disguised as
official bank messages.

“Recently, spammers have begun sending out emails with malicious attachments designed
to look like automatic delivery failure notifications sent out by servers. Another common
trick is to make malicious emails look like notifications from well-known online
resources, and include links to malicious websites. The large amount of spyware in
malicious spam attachments shows a regrettable trend – malicious users are persistently
hunting for personal data, usernames and passwords, including those for online banking and
payment systems. Kaspersky Lab recommends that users continue to exercise caution – even
when dealing with emails that appear to be legitimate.” said Darya Gudkova, Head of
Content Analysis & Research, Kaspersky Lab.

To read the full version of Q2 2013 Spam report visit securelist.com
[http://www.securelist.com/en/analysis/204792297/Spam_in_Q2_2013 ].

Useful links

        - Spam in Q1 2013
          [http://www.securelist.com/en/analysis/204792291/Spam_in_Q1_2013 ]
        - Spam in Q3 2012
          [http://www.securelist.com/en/analysis/204792251/Spam_in_Q3_2012 ]
        - Spam in 2012
          [http://www.securelist.com/en/analysis/204792276/Kaspersky_Security_Bulletin_Spam_Evolution_2012 ]

About Kaspersky Lab

Kaspersky Lab is the world’s largest privately held vendor of endpoint protection
solutions. The company is ranked among the world’s top four vendors of security solutions
for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained
an innovator in IT security and provides effective digital security solutions for large
enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the
United Kingdom, currently operates in almost 200 countries and territories across the
globe, providing protection for over 300 million users worldwide. Learn more
atwww.kaspersky.com [http://www.kaspersky.com ].

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue
by Vendor, 2011. The rating was published in the IDC report “Worldwide Endpoint Security
2012-2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked
software vendors according to earnings from sales of endpoint security solutions in 2011.

Follow us on Twitter

www.twitter.com/kasperskyuk [http://www.twitter.com/kasperskyuk ]

Like us on Facebook


Editorial contact:

        Berkeley PR
        Jenny Jones
        Telephone: +44(0)118-909-0909

        1650 Arlington Business Park
        RG7 4SA, Reading
        Kaspersky Lab UK
        Ruth Knowles
        Telephone: +44(0)7590-440-433

        Milton Business Park
        OX14 4RY, Oxford

SOURCE Kaspersky Lab

Source: PR Newswire