2016: The year of spam programs ransomware


According to her report Kaspersky Lab "Spam and Phishing in 2016 ", about 20% of the total spam emails in the fourth quarter of 2016 we distributed ransomware Trojans.

Kaspersky Lab's Spam Report has also identified the following trends for 2016: ransomware

  • The volume of spam email 2016 increased by touching 58,31% of total email traffic, an increase of 3,03% compared to 2015.
  • The United States remained the largest source of spam (12,08%), with Vietnam second (10,32%) and third (10,15%).
  • Germany remained the number one among the countries that are targets of malicious emails (14,13%). The second and third ranked Japan (7,59%) and China (7,32%), respectively. Note that both were outside 10 leading countries 2015.
  • 15,29% of unique users were attacked by phishers.
  • 2016, the average rate of phishing attacks on customers of financial institutions hit 47,48%, from 34,33% to 2015 and 28,74% to 2014.
  • Trojan.Win32.Bayrob was used to send spam and steal personal data while it was the most popular "family" of malware distributed via email.

The top issues of spam messages for 2016: sport and terrorism

Phishers, as expected, could not miss the opportunity presented by the most talked about event of the year - the Olympic Games in Brazil. Fraudulent spam took advantage of other major sporting events, such as the European Football Championship, as well as the upcoming 2018 and 2022 FIFA World Cups. Spammers sent false notices of winning lotteries related to these events. The lottery was supposed to be organized by a formal organization and the recipient's address was randomly selected from millions of other addresses. This theme has also been used in malicious spam. In this case, the emails contained a ZIP attachment with a Javascript downloader and were detected by Kaspersky Lab as Trojan-Downloader.Script.Generic. This malware, in turn, downloads other malware to victims' computers.

The issue of terrorism, which has remained a major global problem in recent years, especially around the tense situation in Syria, has also been exploited in spam. Numerous so-called "letters from Nigeria", taking advantage of the problem of terrorism and refugees, were sent to users on behalf of both government employees and individuals. The details of the stories may differ, but the senders' intentions were the same: to grab the recipient's attention with promises of large sums of money and force them to join a conversation.

Chinese businessmen on the rise

Spam ads became very popular with small and medium-sized businesses in China, 2016. The text of a standard spam message generally began with an impersonal greeting to the recipient, followed by the name and surname of the factory manager. Often, the email outlined the company's benefits, achievements, and the types of certification it had.

Chinese businesses have not started using new, more targeted, convenient and less intrusive advertising platforms, such as social networking sites. Kaspersky Lab researchers believe that this may be due to the fact that social networks in China are mainly internal, since "global giants", such as Facebook, are not allowed. As a result, Chinese entrepreneurs have far less legal means to enter the international market, even if the state has passed its own anti-spam law, which is the world's tightest.

The "ransom" is the king

In 2016, a huge number of malicious spam was recorded. The absolute leaders of spam were the Trojan downloaders who "download" ransomware to the victim's computer. The most popular were group junk messages sent to "infect" users' computers with the Locky encryptor. However, other ransomware such as Petya, Cryakl and Shade were also prevalent.ransomware

Quantity of malicious spam emails the 2016

The number of malicious programs started to increase in December 2015 and continued to increase in waves throughout the following year. The sharp declines were mainly caused by the fact that digital criminals have temporarily disabled the Necurs botnet, which is responsible for Locky's greater spread.

 "2016, we saw a series of changes in the flows spam, with an increase in the number of malicious bulk shipments they contain ransomware be the most important. Such extensive use of programs ransomware may be due to the existence of this type of malware on the black market. Currently, digital criminals can not just rent one botnet to send spam, but also to use the service known as Ransomware-as-a-Services. This means that the attacker may not be a hacker in the traditional sense, and may not even know how to use code. 2017, the volume of malicious spam is unlikely to decrease, said Darya Gudkova, Spam Analyst Expert of Kaspersky Lab.

Read more about the spam and phishing landscape of 2016 on the dedicated site Securelist.com.

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news