Last updated on April 19, 2014 at 9:20 EDT

Spam in July: Banking Trojans Dominate Malware in E-mail Traffic

August 29, 2013

ABINGDON, England, August 29, 2013 /PRNewswire/ –

According to Kaspersky Lab [http://www.kaspersky.co.uk ], the percentage of spam in
email traffic in July was up only 0.1 percentage points and averaged at 71.2 per cent.
Malicious attachments were found in 2.2 per cent of all emails, an increase of 0.4
percentage points compared to the previous month. The level of phishing
[http://www.kaspersky.co.uk/internet-security-center/threats/spam-phishing ] decreased by
more than half compared with June, and averaged 0.0012 per cent.

In July, Kaspersky Lab continued to record mass mailings in which spammers exploited
interest in the big events of the month. For example, the much-anticipated birth of the
Royal baby in Britain and the spy scandal involving Edward Snowden did not go unnoticed by
the spammers. Attackers kept with tradition to send out emails with malicious links
imitating messages with links to breaking news. For example, the excitement around the
birth of the royal baby was utilised in advertising printing services and advertising
equipment. In honour of the event the company offered discounts for roller stands.

The scandal involving the former US intelligence officer Edward Snowden was used by
the spammers to advertise weight loss products. The trick was that these goods were not
even mentioned in the subject of the email and the text of the message offered the details
of Snowden’s story rather than the methods of losing weight. However the link to the
“details” contained in the email led to an advertising page.

Also, the Muslim holy month of Ramadan began in early July. Every year, Kaspersky Lab
registers mass mailings exploiting this theme and this year was no exception. It recorded
several English-language mass mailings, including not only traditional Ramadan
advertisements of night restaurants and food but also offering automobiles and summer
holidays for children.

In the summer months, tourist spam is also highly popular and Kaspersky Lab continued
to register malicious mailings supposedly sent on behalf of various airlines. In July,
Kaspersky Lab recorded fake notifications from “United Airlines”. The email stated that
seat numbers on an upcoming flight had been changed and the updated flight information was
available in the attached archive “flight document upgrade.doc.zip”. The archive contained
an executable file under that name, which is detected by Kaspersky Lab as

This backdoor is then used by the fraudsters to steal passwords stored on browsers as
well as passwords
[http://www.kaspersky.co.uk/internet-security-center/threats/hacking-system-vulnerabilities ]
for FTP and email clients. This malware
[http://www.kaspersky.co.uk/internet-security-center/threats/malware-classifications ] also
sends screenshots of the user’s desktop and gives cybercriminals full access to the
infected computer, allowing the attackers to download and run various files on it.

In July, Kaspersky Lab [http://www.kaspersky.co.uk ] experts also recorded mass
mailings advertising services and goods for pets to tap into high global demand in this
market. Spammers promoted offers in both Russian and English. English-language spam mostly
advertised pet products and cheap food.

China remained in first place with 23.4 per cent of all distributed spam, a slight
decline from the previous month (23.9 per cent). The US came second, contributing 18 per
cent of global spam flow, up 0.8 percentage compared with June. South Korea was third
after a small increase (0.4 percentage points) averaging 14.9 per cent in July. Combined,
these three leaders produced more than one third of spam globally.

The full version of the spam report for July 2013 is available at securelist.com
[http://www.securelist.com/en/analysis/204792296/Spam_in_June_2013 ].

Useful links

        - Spam in May 2013
          [http://www.securelist.com/en/analysis/204792294/Spam_in_May_2013 ]
        - Spam in June
          [http://www.securelist.com/en/analysis/204792296/Spam_in_June_2013 ]
        - Spam in Q2 2013
          [http://www.securelist.com/en/analysis/204792297/Spam_in_Q2_2013 ]

About Kaspersky Lab

Kaspersky Lab is the world’s largest privately held vendor of endpoint protection
solutions. The company is ranked among the world’s top four vendors of security solutions
for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained
an innovator in IT security and provides effective digital security solutions for large
enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the
United Kingdom, currently operates in almost 200 countries and territories across the
globe, providing protection for over 300 million users worldwide. Learn more at


* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue
by Vendor, 2011. The rating was published in the IDC report “Worldwide Endpoint Security
2012-2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked
software vendors according to earnings from sales of endpoint security solutions in 2011.

Follow us on Twitter http://www.twitter.com/kasperskyuk

Like us on Facebook http://www.facebook.com/Kaspersky

        Editorial contact:

        Berkeley PR
        Ella Thompson
        Telephone: +44(0)118-909-0909
        1650 Arlington Business Park
        RG7 4SA, Reading

        Kaspersky Lab UK
        Ruth Knowles
        Telephone: +44(0)7590-440-433
        Milton Business Park
        OX14 4RY, Oxford

SOURCE Kaspersky Lab

Source: PR Newswire