Spam and Phishing

In early November Typhoon Haiyan devastated the Philippines, with a catastrophic numbers of victims – several thousand were reported killed, while hundreds of thousands were evacuated. A few days after the typhoon struck we detected the first “Nigerian letters” in which scammers were exploiting the tragedy for their own selfish ends. The author of the

Two days ago FireEye reported that the recent CVE-2013-3906 exploit has begun to be used by new threat actors other than the original ones. The new infected documents share similarities with previously detected exploits but carry a different payload. This time these exploits are being used to deliver Taidoor and PlugX backdoors, according to FireEye. At Kaspersky

Back in March 2012 we teamed up with Crowdstrike, the Honeynet Project and Dell SecureWorks in disabling the second version of the Hlux/Kelihos-Botnet. We thought that now would be a good time for an update on what has happened to that sinkhole-server over the last 19 months. What we see now is what we expected. The botnet

I just received a spam e-mail in Portuguese stating that my mailbox had exceeded its maximum storage.

Since we published our first blog post about the mobile Trojan Trojan-SMS.AndroidOS.Svpeng, the cybercriminals have improved its functionalities. Now Svpeng is capable of phishing as well, trying to harvest the financial data of users.

The quarter in figures The percentage of spam in total email traffic decreased by 2.4 percentage points from the second quarter of 2013 and came to 68.3%. The percentage of phishing emails grew threefold and accounted for 0.0071%. Malicious attachments were detected in 3.9% of all emails – 1.6 percentage points more than in Q2

Spam in the spotlight After the September cold snap we recorded a lot of mass mailings about offers to cut heating bills and keep homes warm. They often appeared in both Russian and English-language spam. A large proportion of September mass mailings offered auto insurance services and adverts for printing services, particularly calendars for 2014.

The continuing conflict and the complex political situation in Syria have created the perfect conditions for new ‘Nigerian’ scams. In recent months, there has been a surge in the number of Nigerian letters that contained some sort of reference to Syria; scammers sent messages both in the names of ordinary citizens of that country and

A look at a series of mailings that, instead of a phishing site, linked to an advert for “male medication”.

The percentage of spam in email traffic in August was down 3.6 percentage points and averaged 67.6%. The level of phishing increased tenfold compared with July, and averaged 0.013%.

Money mule recruitment emails are nothing new, for years these have been spammed out all over the globe. What is new though is the recent wave aimed at “English-speaking Japanese residents”. It started at the end of July and we have received hundreds of such themed spam emails since then. The content typically promises an

The percentage of spam in email traffic in July was up only 0.1 percentage points and averaged 71.2%

Having realized that users are getting wise to their scams involving unclaimed inheritances of multi-millionaire African princes, so-called Nigerian scammers have resorted to other outlandish stories from their arsenal of social engineering. We recently caught a few messages in our traps that suggest the scammers are not only unscrupulous and greedy but also engage in

The percentage of spam in total email traffic increased by 4.2% from the first quarter of 2013 and came to at 70.7%.

We will look at the most popular spammer tricks that use redirects in one way or another, the most common and widely used types of redirect, as well as the distinguishing features and subjects of spam messages containing redirects.