According to her report Kaspersky Lab "spam and Phishing in 2016 ", about 20% of the total spam Email in the fourth quarter of 2016 we distributed ransomware Trojans.
Kaspersky Lab's Spam Report has also identified the following trends for 2016:
- The volume of spam email 2016 increased by touching 58,31% of total email traffic, an increase of 3,03% compared to 2015.
- The United States remained the largest source of spam (12,08%), with Vietnam second (10,32%) and third (10,15%).
- Germany remained the number one among the countries that are targets of malicious emails (14,13%). The second and third ranked Japan (7,59%) and China (7,32%), respectively. Note that both were outside 10 leading countries 2015.
- 15,29% of unique users were attacked by phishers.
- 2016, the average rate of phishing attacks on customers of financial institutions hit 47,48%, from 34,33% to 2015 and 28,74% to 2014.
- Trojan.Win32.Bayrob was used to send spam and steal personal data while it was the most popular "family" of malware distributed via email.
The top issues of spam messages for 2016: sport and terrorism
Phishers, as expected, could not pass up the opportunity presented by the most talked about event of the year – the Olympics Events στη Βραζιλία. Δόλια spam αξιοποίησαν και άλλα μεγάλα αθλητικά γεγονότα, όπως το Ευρωπαϊκό Πρωτάθλημα Ποδοσφαίρου, καθώς και τα επικείμενα Παγκόσμια Κύπελλα Ποδοσφαίρου του 2018 και του 2022. Οι spammers έστειλαν ψεύτικες alerts to win sweepstakes related to these events. The lottery was supposed to be organized by an official organization and the recipient's address was randomly selected from millions other addresses. This theme was also used in malicious spam. In this case, the emails included an attached ZIP file with a Javascript downloader and are detected by Kaspersky Lab as Trojan-Downloader.Script.Generic. This malware, in turn, "downloads" other malware onto victims' computers.
The issue of terrorism, which has remained a major global problem in recent years, especially around the tense situation in Syria, has also been exploited in spam. Numerous so-called "letters from Nigeria", taking advantage of the problem of terrorism and refugees, were sent to users on behalf of both government employees and individuals. The details of the stories may differ, but the senders' intentions were the same: to grab the recipient's attention with promises of large sums of money and force them to join a conversation.
Chinese businessmen on the rise
Spam ads became very popular with small and medium businesses businesses in China in 2016. The text of a typical spam message generally began with an impersonal greeting to the recipient, followed by the first and last name of the factory manager. Often, the email described the company's strengths, accomplishments, and the types of certification it held.
Chinese businesses have not started using new, more targeted, convenient and less intrusive platforms advertisings, such as social networking sites. Kaspersky Lab researchers believe this may be due to the fact that social networks in China are mostly internal, since "global giants" such as Facebook are not allowed. As a result, Chinese entrepreneurs have far fewer legal means to enter the international market, even though the state has passed its own anti-spam law, which is the strictest in the world.
The "ransom" is the king
In 2016, a huge number of malicious spam was recorded. The absolute leaders of spam were the Trojan downloaders who "download" ransomware to the victim's computer. The most popular were group junk messages sent to "infect" users' computers with the Locky encryptor. However, other ransomware such as Petya, Cryakl and Shade were also prevalent.
Quantity of malicious spam Email the 2016
The number of malicious programs started to increase in December 2015 and continued to increase in waves throughout the following year. The sharp declines were mainly caused by the fact that digital criminals have temporarily disabled the Necurs botnet, which is responsible for Locky's greater spread.
"2016, we saw a series of changes in the flows spam, with an increase in the number of malicious bulk shipments they contain ransomware be the most important. Such extensive use of programs ransomware may be due to the existence of this type of malware on the black market. Currently, digital criminals can not just rent one botnet to send spam, but also to use the service known as Ransomware-as-a-Service. This means that the attacker may not be a hacker in the traditional sense, and may not even know how to uses code. In 2017, the volume of malicious spam is unlikely to decrease, said Darya Gudkova, Spam Analyst Expert of Kaspersky Lab.
Read more about the spam and phishing landscape of 2016 on the dedicated site Securelist.com.