Threat Category: Spam and Phishing | Page 2

How to trick the machine-learning model in Anti-Spam designed to detect and quarantine suspicious e-mails, and how to detect such attacks.

We’ve analyzed the life cycle of phishing pages, how they transform during their active period, and the domains where they’re located.

We constantly monitor the landscape of shopping-related threats and release a report tracking the latest criminal activity targeting online shoppers. Here’s what we found this year.

This report contains spam and phishing statistics for Q3 2021, plus descriptions of scams linked to the Olympics, Euro 2020, COVID-19, and other relevant events.

How we took part in the Machine Learning Security Evasion Competition (MLSEC) — a series of trials testing contestants’ ability to create and attack machine learning models.

This report contains technical analysis of the Trojan-Banker named QakBot (aka QBot, QuackBot or Pinkslipbot) and its information stealing, web injection and other modules.

In this report, you will find statistics and other information about gaming-related malware, phishing schemes and other threats in 2020 and the first half of 2021.

Q2 2021 spam and phishing statistics, plus main trends: corporate mail phishing, compensation fraud, WhatsApp scam, etc.

In mid-March 2021, we observed two new spam campaigns delivering banking Trojans. The payload in most cases was IcedID, but we have also seen a few QBot (aka QakBot) samples.

This article analyzes different ways of the spoofing email addresses through changing the From header, which provides information about the sender’s name and address.

In the EU, 70% of user computers experienced at least one Malware-class attack, 115,452,157 web attacks and 86,584,675 phishing attempts were blocked.

In terms of spam and phishing, in Q1 2021, we largely saw a continuation of the 2020 trends: exploitation of COVID-19 theme, hunting corporate account credentials and spoofing of online store websites.

This research is a continuation of our annual financial threat reports providing an overview of the latest trends and key events across the financial threat landscape. The study covers the common phishing threats, along with Windows and Android-based financial malware.

Organizations can become a target of doxing. Corporate doxing poses a serious financial and reputational threat to a company.

COVID-19 spam, corporate phishing, fake videoconferences and other trends and figures of 2020.

Reports

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

Kaspersky analysis of the CloudWizard APT framework used in a campaign in the region of the Russo-Ukrainian conflict.

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

We continued to track Tomiris as a separate threat actor over three new attack campaigns between 2021 and 2023, and our telemetry allowed us to shed light on the group. In this blog post, we’re excited to share what we now know of Tomiris with the broader community, and discuss further evidence of a possible connection to Turla.

Spam and Phishing

How and why do we attack our own Anti-Spam?

The life cycle of phishing pages

Black Friday 2021: How to Have a Scam-Free Shopping Day

Spam and phishing in Q3 2021

How we took part in MLSEC and (almost) won

QakBot technical analysis

Gaming-related cyberthreats in 2020 and 2021

Spam and phishing in Q2 2021

Malicious spam campaigns delivering banking Trojans

Email spoofing: how attackers impersonate legitimate senders

Kaspersky Security Bulletin 2020-2021. EU statistics

Spam and phishing in Q1 2021

Financial Cyberthreats in 2020

Doxing in the corporate sector

Spam and phishing in 2020

Reports

Meet the GoldenJackal APT group. Don’t expect any howls

CloudWizard APT: the bad magic story goes on

APT trends report Q1 2023

Tomiris called, they want their Turla malware back

Subscribe to our weekly e-mails