Threat Category: Spam and Phishing

Attackers are increasingly sending phishing emails with SVG attachments that contain embedded HTML pages or JavaScript code.

We analyze 2024’s key spam and phishing statistics and trends: the hunt for crypto wallets, Hamster Kombat, online promotions via neural networks, fake vacation schedules, and more.

Compensations for scam victims, and millionaires losing their family to COVID-19: read on to learn about the types of “Nigerian” spam one could come across in 2024.

Attackers are sending malicious scripts that download the Remote Manipulator System (RMS) build, known as BurnsRAT, and NetSupport RAT

Kaspersky experts look back on their expectations about the 2024 privacy and consumer cyberthreats trends and try to predict what to expect in 2025.

Kaspersky experts share their insights into cyberthreats that face online shoppers in 2024: phishing, banking trojans, fake shopping apps and Black Friday sales on the dark web data market.

Scammers use large language models (LLMs) to create phishing pages and leave artifacts in texts and tags, like the phrase “As an AI language model…”.

Kaspersky experts have discovered a new scheme that combines elements of spear and mass phishing

Kaspersky analysts explain which applications are targeted the most, and how enterprises can protect themselves from phishing and spam.

Explaining how scammers use phishing and OTP bots to gain access to accounts protected with 2FA.

Here’s how scams target buyers and sellers on online message boards, and how the gangs behind them operate.

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware.

This report contains spam and phishing statistics for 2023, along with descriptions of the main trends, among these artificial intelligence, instant messaging phishing, and multilingual BEC attacks.

Kaspersky experts review last year’s predictions on consumer cyberthreats and try to anticipate the trends for 2024.

As Black Friday approaches, Kaspersky analyzes phishing and spam activity around major sales events, and reviews statistics on online shopping threats in 2023.

Reports

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

Spam and Phishing

Phishing attacks leveraging HTML code inside SVG files

Spam and phishing in 2024

Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

Consumer and privacy predictions for 2025

Scammer Black Friday offers: Online shopping threats and dark web sales

Loose-lipped neural networks and lazy scammers

When spear phishing met mass phishing

Cybersecurity in the SMB space — a growing threat

Bypassing 2FA with phishing and OTP bots

Message board scams

Financial cyberthreats in 2023

Spam and phishing in 2023

Consumer cyberthreats: predictions for 2024

The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season

Reports

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

Subscribe to our weekly e-mails