Spam and Phishing

PDF Version The year in figures The proportion of spam in email flows was 69.6% in 2013, which is 2.5 percentage points lower than in 2012 The percentage of emails with malicious attachments was 3.2%, which is 0.2 percentage points lower than in 2012 32.1% of phishing attacks targeted social networks The greatest amount of

Spam in the spotlight In December, spammers continued to honor the traditions of the season and tried to attract potential customers with a variety of original gift and winter vacation offers, taking advantage of the approaching holidays. As usual, they also advertised seasonal goods and services. The news of Nelson Mandela’s death also inspired new

We just received a spam message in Portuguese stating the following: In short, this message says that WhatsApp for PC is finally available and that the recipient already has 11 pending invitations from friends in his account. This is what the email looks like: If the victim clicks on the link, it will lead him/her to a

Introduction Last week a good friend (@Dkavalanche) mentioned in his twitter account his findings of a Betabot malware which was spammed via fake emails in the name of Carabineros of Chile. It piqued my attention so I dug a little bit and this is what I found: The original .biz domain used in the malicious campaign was bought

Introduction Today we got a spam message with a fake e-card in Portuguese leading to an interesting piece of malware: Header translation: You got a Christmas e-card. Somebody very special has sent this Christmas e-card for you. In case you are not able to visualize it, click here. Much better than any present is a

Spam in the spotlight In November we saw a large number of spam messages offering seasonal and full-time jobs. This comes as a surprise for this time of the year: the labor market is experiencing a “low season” as the end of the fiscal year approaches. This type of spam often didn’t contain any specific

In our search for various types of malicious code for Mac we recently came across a rather interesting peculiarity in Safari. It turns out that Safari for Mac OS, like many other contemporary browsers, can restore the previous browsing session. In other words, all the sites that were open in the previous session – even

In 2014 we expect significant growth in the number of threats related to economic and domestic cyber-espionage, with cyber-mercenaries/cyber-detectives playing an active role in such attacks. The full report is available here

Spammers actively spread malware using fake notifications on behalf of various financial and banking institutions, booking and delivery services and other companies.

Last week, Kaspersky Lab identified a mass mailing of phishing letters sent in the name of leading IT security providers.

Once again, it’s time for us to deliver our customary retrospective of the key events that have defined the threat landscape in 2013. Let’s start by looking back at the things we thought would shape the year ahead, based on the trends we observed in the previous year. The full report is available here.

Spam in the spotlight In October, spammers continued to actively use the names of well-known companies to spread malicious ZIP files. We registered several mass mailings offering rather unusual, if not to say exotic, services – love spells, incantations to enhance careers and other forms of white and black magic. There were significantly more mailings

In early November Typhoon Haiyan devastated the Philippines, with a catastrophic numbers of victims – several thousand were reported killed, while hundreds of thousands were evacuated. A few days after the typhoon struck we detected the first “Nigerian letters” in which scammers were exploiting the tragedy for their own selfish ends. The author of the

Two days ago FireEye reported that the recent CVE-2013-3906 exploit has begun to be used by new threat actors other than the original ones. The new infected documents share similarities with previously detected exploits but carry a different payload. This time these exploits are being used to deliver Taidoor and PlugX backdoors, according to FireEye. At Kaspersky

Back in March 2012 we teamed up with Crowdstrike, the Honeynet Project and Dell SecureWorks in disabling the second version of the Hlux/Kelihos-Botnet. We thought that now would be a good time for an update on what has happened to that sinkhole-server over the last 19 months. What we see now is what we expected. The botnet