Kaspersky Lab: In the second quarter of 2017, digital criminals actively engaged in the distribution of unwanted spam messages, seeking to take advantage of public fears when the outbreak of WannaCry ransomware in May. Knowing that there are many people who have been "infected" with this ransomware and are looking for ways to obtain their encrypted data, scammers have sent unwanted messages spam and phishing, offering users various services to fight epidemics. 
This is one of her key findings reportς “Spam and phishing in the second quarter of 2017” of Kaspersky Lab.
The attack on the ransomware program WannaCry affected more than 200.000 computers across the globe resulting in a huge panic, and spammers immediately took advantage of the opportunity. Researchers have detected a large number of messages that offer services such as protection from WannaCry attacks, data recovery and, in addition, educational workshops and courses for users. Additionally, spammers successfully implemented a traditional fraudulent offer for installing software updates on attacked computers. However, links have redirected users to web pages Phishing, aiming to steal their personal data.
One of the main trends in the last three months is the number of bulk shipments addressed to corporate networks. Based on Kaspersky Lab's research, these have been expanded since the beginning of the year. Spammers have begun to grossly "masquerade" malicious mailings as corporate dialogues, using corporate mail service identities, including real signatures, logos and even banking information. In the files attached to the email, digital criminals sent packets of expoits targeting FTP, email and other passwords.
Kaspersky Lab experts point out that most attacks on the corporate sector have financial goals.
In addition, in the second quarter of the year the researchers detected an increase in the number of bulk shipments of malicious Trojans sent for international delivery services.
Spammers were sending shipment reports with information σχετικά με ανύπαρκτες παραδόσεις αποσκευών. Με στόχο να «μολύνουν» υπολογιστές ή να κλέψουν προσωπικά στοιχεία σύνδεσης, εντοπίστηκαν εγκληματίες που εξάπλωναν download links με κακόβουλο λογισμικό, συμπεριλαμβανομένου του τραπεζικού Trojan Emotet, το οποίο εντοπίστηκε για πρώτη φορά το 2014. Overall, the volume of malicious bulk shipments increased by 17%, according to new Kaspersky Lab report.
“During the second quarter of the year, we found that key trends in spam and phishing attacks continued to evolve. The use of WannaCry in mass missions proves that digital criminals are very careful and react quickly to international events. In addition, digital criminals began to focus more on the B2B sector, considering it profitable. We expect this trend to continue to evolve and the total number of corporate attacks and their variety will expand," said Darya Gudkova, Spam Analyst Expert at Kaspersky Lab.
Other significant trends and statistics for the second quarter, highlighted by Kaspersky Lab researchers, include:
• The average spam rate has risen to 56,97%. Vietnam became the most popular source of spam, surpassing the US and China. 10's first countries include Russia, Brazil, France, Iran and the Netherlands.
• Necurs botnet is still active. However, experts noted a decrease in the volume of unwanted messages sent by this botnet and its instability.
• The country most attacked by spam was Germany. The leader of the previous period, China, came second, followed by United Kingdom, Japan and Russia. Other popular destinations include Brazil, Italy, Vietnam, France and the US.
• Kaspersky Lab Anti-Phishing was activated 46.557.343 times on Kaspersky Lab users' computers. The largest proportion of attacked users was in Brazil (18,09%). Overall, 8,26% of unique Kaspersky Lab products worldwide have been phishing.
• As in the first quarter, the main targets of e-phishing attacks remained the same and come mainly from the financial sector: banks, payment services and online stores.
For more information on spam and phishing in the second quarter of 2017, you can find the specialist site Securelist.com.
