According to her report Kaspersky Lab "spam and Phishing in 2016 ", about 20% of the total spam Email in the fourth quarter of 2016 we distributed ransomware Trojans.
Kaspersky Lab's Spam Report has also identified the following trends for 2016: 
- The volume of spam email 2016 increased by touching 58,31% of total email traffic, an increase of 3,03% compared to 2015.
- The United States remained the largest source of spam (12,08%), with Vietnam second (10,32%) and third (10,15%).
- Germany remained in first place among the countries targeted by malicious emails (14,13%). The second and third places were occupied by Japan (7,59%) and China (7,32%) respectively. It should be noted that both were outside the top 10 countries in 2015.
- 15,29% of unique users were attacked by phishers.
- 2016, the average rate of phishing attacks on customers of financial institutions hit 47,48%, from 34,33% to 2015 and 28,74% to 2014.
- Trojan.Win32.Bayrob was used to send spam and steal personal data, while it was the most popular "family" of malware distributed via email.
The top issues of spam messages for 2016: sport and terrorism
Phishers, as expected, could not miss the opportunity presented by the most talked about event of the year - the Olympic Games in Brazil. Fraudulent spam took advantage of other major sporting events, such as the European Football Championship, as well as the upcoming 2018 and 2022 FIFA World Cups. Spammers sent false notices of winning lotteries related to these events. The lottery was supposed to be organized by a formal organization and the recipient's address was randomly selected from millions of other addresses. This theme has also been used in malicious spam. In this case, the emails contained a ZIP attachment with a Javascript downloader and were detected by Kaspersky Lab as Trojan-Downloader.Script.Generic. This malware, in turn, downloads other malware to victims' computers.
The issue of terrorism, which has remained a major global problem in recent years, especially around the tense situation in Syria, has also been exploited in spam. Numerous so-called "letters from Nigeria", taking advantage of the problem of terrorism and refugees, were sent to users on behalf of both government employees and individuals. The details of the stories may differ, but the senders' intentions were the same: to grab the recipient's attention with promises of large sums of money and force them to join a conversation.
Chinese businessmen on the rise
Spam ads became very popular with small and medium-sized businesses in China, 2016. The text of a standard spam message generally began with an impersonal greeting to the recipient, followed by the name and surname of the factory manager. Often, the email outlined the company's benefits, achievements, and the types of certification it had.
Chinese businesses have not started using new, more targeted, convenient and less intrusive platforms advertisingς, όπως οι ιστότοποι κοινωνικής δικτύωσης. Οι ερευνητές της Kaspersky Lab πιστεύουν ότι αυτό μπορεί να οφείλεται στο γεγονός ότι τα κοινωνικά networks in China it's mostly internal, since "global giants" like Facebook aren't allowed. As a result, Chinese entrepreneurs have far fewer legal means to enter the international market, even though the state has passed its own anti-spam law, which is the strictest in the world.
The "ransom" is the king
In 2016, a huge amount of malicious spam was recorded. The absolute leaders of spam were Trojan downloaders that "download" ransomware to the victim's computer. The most popular were the group ones messages spam that was sent with the intention of "infecting" users' computers with Locky encryptor. However, other ransomware such as Petya, Cryakl and Shade were also prevalent.
Quantity of malicious spam Email the 2016
The number of malicious programs started to increase in December 2015 and continued to increase in waves throughout the following year. The sharp declines were mainly caused by the fact that digital criminals have temporarily disabled the Necurs botnet, which is responsible for Locky's greater spread.
"2016, we saw a series of changes in the flows spam, with an increase in the number of malicious bulk shipments they contain ransomware be the most important. Such extensive use of programs ransomware may be due to the existence of this type of malware on the black market. Currently, digital criminals can not just rent one botnet to send spam, but also to use the service known as Ransomware-as-a-Service. This means that the attacker may not be a hacker in the traditional sense, and may not even know how to use code. 2017, the volume of malicious spam is unlikely to decrease, said Darya Gudkova, Spam Analyst Expert of Kaspersky Lab.
Read more about the spam and phishing landscape of 2016 on the dedicated site Securelist.com.
