Kaspersky Laboratory: In the second quarter of 2017, digital criminals actively engaged in the distribution of unwanted spam messages, seeking to take advantage of public fears when the outbreak of WannaCry ransomware in May. Knowing that there are many people who have been "infected" with this ransomware and are looking for ways to obtain their encrypted data, scammers have sent unwanted messages spam and phishing, offering users various services to fight epidemics. 
This is one of the main findings of the report “Spam and phishing in the second quarter of 2017” of Kaspersky Lab.
The attack on the ransomware program WannaCry affected more than 200.000 computers across the globe resulting in a huge panic, and spammers immediately took advantage of the opportunity. Researchers have detected a large number of messages that offer services such as protection from WannaCry attacks, data recovery and, in addition, educational workshops and courses for users. Additionally, spammers successfully implemented a traditional fraudulent offer for installing software updates on attacked computers. However, links have redirected users to web pages Phishing, aiming to steal their personal data.
One of the main trends in the last three months is the number of bulk mailings directed at corporate networks. Based on Kaspersky Lab research, these have been expanding since the beginning of the year. Spammers began to widely "disguise" malicious mail as corporate dialogues, using the identities of corporate mail services, including real signatures, logos, and even banking information. In the files attached to the email, digital criminals sent expoits packages aimed at stealing FTP, email and other passwords access.
Kaspersky Lab experts point out that most attacks on the corporate sector have financial goals.
Επιπλέον, το δεύτερο τρίμηνο του έτους οι ερευνητές ανίχνευσαν αύξηση του αριθμού μαζικών αποστολών με κακόβουλα Trojans, που αποστέλλονταν για λογαριασμό διεθνών υπηρεσιών παράδοσης (delivery).
Spammers sent shipment reports with information about non-existent baggage deliveries. With the aim of infecting computers or stealing personal login information, criminals were found spreading download links with malware, including the banking Trojan Emotet, which was first identified in 2014. Overall, the volume of malicious bulk shipments increased by 17%, according to new Kaspersky Lab report.
"In the second quarter of the year, we found that the key trends in spam and phishing attacks continued to evolve. The use of WannaCry in mass missions proves that digital criminals are very careful and react directly to international events. In addition, digital criminals began to focus more on the B2B sector, considering it profitable. We expect this trend to continue to evolve and the total number of corporate attacks and their variety will expand, "said Darya Gudkova, Spam Analyst Expert of Kaspersky Lab.
Other significant trends and statistics for the second quarter, highlighted by Kaspersky Lab researchers, include:
• The average spam rate has risen to 56,97%. Vietnam became the most popular source of spam, surpassing the US and China. 10's first countries include Russia, Brazil, France, Iran and the Netherlands.
• Necurs botnet is still active. However, experts noted a decrease in the volume of unwanted messages sent by this botnet and its instability.
• The country that received the most attacks from malicious messaging was Germany. The leader of the previous period, China, came second, followed by the United Kingdom, Japan and Russia. Other popular targets include Brazil, Italy, Vietnam, France and the United States.
• Kaspersky Lab Anti-Phishing was activated 46.557.343 times on Kaspersky Lab users' computers. The largest proportion of attacked users was in Brazil (18,09%). Overall, 8,26% of unique Kaspersky Lab products worldwide have been phishing.
• As in the first quarter, the main targets of phishing attacks remained the same and mainly come from the financial sector: banks, payment services and online stores.
For more information on spam and phishing in the second quarter of 2017, you can find the specialist site Securelist.com.
