Spam and Phishing

Recently we revealed that a threat actors exploited social networks to spread a Trojan that captures a victim’s entire browser traffic. Approximately 10,000 Facebook users with Windows PCs were hit by malicious friend notifications. In this article we will explain the security issue and attack.

Whilst sitting and working in the South African office I receive an email from my Swedish ISP. I quickly look at it and there is something that doesn’t add up. The email states that I need to pay my invoice, but I never receive electronic invoices from this company.

A malware attack tricked around 10,000 Facebook users around the world. Compromised PCs were used to hijack Facebook accounts in order to spread the infection through the victim’s Facebook friends and for other malicious activity.

In this blog post we discuss the threats to visitors aiming to travel to Brazil to watch the Olympic Games and to those planning to watch it online. We’ll talk about phishing attacks, highlight WiFi security and touch upon physical security that involves the usage of USB charging spots, the problem of credit card cloning and ATM skimmers.

Back in 2015, a year before the Olympics in Rio, we registered fake notifications of lottery wins allegedly organized by the country’s government and the International Olympic Committee. Similar emails continue to be sent in 2016.

In the first quarter of 2016 the percentage of spam in email traffic increased by 2.7 percentage points compared with the previous quarter. But it is too early to speak about a growth trend. The US remained the biggest source of spam in Q1 2016. The Top 5 also included Vietnam, India, Brazil and China – all large, fast developing countries with high levels of internet connection.

2016 has only just got underway, but the first three months have already seen the same amount of cybersecurity events that just a few years ago would have seemed normal for a whole year. The main underlying trends remained the same, while there was significant growth in trends related to traditional cybercrime, especially mobile threats and global ransomware epidemics.

Major football tournaments such as the World Cup and the European Championship, traditionally attract a lot of spammer activity. Euro 2016 will be held this summer in France, and it’s not only the fans and players who are getting ready but also Internet fraudsters. The latter have started sending out fake notifications about lottery wins dedicated to the upcoming tournament.

In recent weeks, we have seen several mass-mailings in French, Italian and English, imitating messages from Amazon’s online shops. In all the mailings, the recipients were offered a voucher, a gift certificate or some other prize.

After analyzing all the known malware modifications in Acecard family, we established that they attack a large number of different applications. In particular, the targets include nine official social media apps.

In 2015, the proportion of spam in email traffic decreased by 11.48 percentage points and accounted for 55.28%. This reduction was caused by the migration of advertising for legal goods and services from spam flows to more convenient and legal platforms, as well as by the expansion of the “gray” zone in mass mailings.

Security experts have for years reiterated: cybercriminals can make use of any information that you publish about yourself on a social network. However, a huge amount of users still continue to share news and a plethora of personal information with their virtual friends as well as incidental onlookers. This may lead to unpleasant and, at times, unforeseen consequences.

To ease their customers’ nerves, delivery services send email notifications and provide shipment tracking systems. However, this type of communication also creates the ideal conditions for cybercriminals to send phishing messages in the name of major delivery services.

The war in Syria, which began several years ago, has recently become one of the most widely reported events in the media. Along with the growing interest of the international community in Middle East events, “Nigerian” scammers have also jumped on the bandwagon.

In Q3 of 2015, the percentage of spam in email traffic accounted for 54.2%. The holiday season saw an increase in tourism-related malicious spam. Cybercriminals sent out fake notifications from well-known booking services, airlines and hotels, as well as emails from individuals. They typically included attached archives with different Trojan downloaders.