Threat Category: Spam and Phishing

We analyze 2024’s key spam and phishing statistics and trends: the hunt for crypto wallets, Hamster Kombat, online promotions via neural networks, fake vacation schedules, and more.

Compensations for scam victims, and millionaires losing their family to COVID-19: read on to learn about the types of “Nigerian” spam one could come across in 2024.

Attackers are sending malicious scripts that download the Remote Manipulator System (RMS) build, known as BurnsRAT, and NetSupport RAT

Kaspersky experts look back on their expectations about the 2024 privacy and consumer cyberthreats trends and try to predict what to expect in 2025.

Kaspersky experts share their insights into cyberthreats that face online shoppers in 2024: phishing, banking trojans, fake shopping apps and Black Friday sales on the dark web data market.

Scammers use large language models (LLMs) to create phishing pages and leave artifacts in texts and tags, like the phrase “As an AI language model…”.

Kaspersky experts have discovered a new scheme that combines elements of spear and mass phishing

Kaspersky analysts explain which applications are targeted the most, and how enterprises can protect themselves from phishing and spam.

Explaining how scammers use phishing and OTP bots to gain access to accounts protected with 2FA.

Here’s how scams target buyers and sellers on online message boards, and how the gangs behind them operate.

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware.

This report contains spam and phishing statistics for 2023, along with descriptions of the main trends, among these artificial intelligence, instant messaging phishing, and multilingual BEC attacks.

Kaspersky experts review last year’s predictions on consumer cyberthreats and try to anticipate the trends for 2024.

As Black Friday approaches, Kaspersky analyzes phishing and spam activity around major sales events, and reviews statistics on online shopping threats in 2023.

Gaming-related threat landscape in 2023: desktop and mobile malware disguised as Minecraft, Roblox and other popular games, and the most widespread phishing schemes.

Reports

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

In this article, we discuss the tools and TTPs used in the SideWinder APT’s attacks in H2 2024, as well as shifts in its targets, such as an increase in attacks against the maritime and logistics sectors.

Kaspersky researchers analyze EAGERBEE backdoor modules, revealing a possible connection to the CoughingDown APT actor.

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”.

Spam and Phishing

Spam and phishing in 2024

Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Consumer and privacy predictions for 2025

Scammer Black Friday offers: Online shopping threats and dark web sales

Loose-lipped neural networks and lazy scammers

When spear phishing met mass phishing

Cybersecurity in the SMB space — a growing threat

Bypassing 2FA with phishing and OTP bots

Message board scams

Financial cyberthreats in 2023

Spam and phishing in 2023

Consumer cyberthreats: predictions for 2024

The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

Reports

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

SideWinder targets the maritime and nuclear sectors with an updated toolset

EAGERBEE, with updated and novel components, targets the Middle East

BellaCPP: Discovering a new BellaCiao variant written in C++

Subscribe to our weekly e-mails