Personal finance

Personal Finance is one of the most popular spam categories. It includes offers to reduce credit bills, to get better insurance deals, to make loans and mortgages, to analyze stock markets, to get advice on investments, etc. The majority of spam in this category is English-language spam.

The Personal Finance spam category accounts for 1.5%-5% of the total volume of mail traffic.

Personal Finance spam emails can belong to one of two types:

  • Messages offering loans, credits, mortgages.
  • Messages offering a company’s shares at an advantageous price.

The first type of spam is characterized by the following features:

  • The messages are usually very short because the main task of the spammer is to persuade a user to click on the link contained in the text of the message and visit a website where they can allegedly get more detailed information.
  • Spammers often use techniques that hinder detection of the spam content. The body of such a message will usually contain figures instead of letters and vice versa, gaps between parts of the words, invisible text (white letters and a white background), etc.
  • Messages belonging to this type of spam sometimes do not contain any text at all. Spammers use a graphics file to depict the advertising text Instead.

Below is an example of such spam demonstrating some of the text tricks that the spammers use when trying to bypass filtering programs:

  • Distortion of the keyword ‘credit’ (it appears as ‘credtit’ or ‘cred-it’).
  • The text is arranged in such a way as to avoid special ‘financial terms’ which many filters detect as spam – ‘payment’, ‘money’, etc.


The second type of spam is company-specific (messages offering company shares and profitable investments). The main aim of the mailing is to persuade a user to buy these particular shares because they are sold at an advantageous price. Spam messages of this type:

  • are usually rather long.
  • can be masked as financial news mailings and contain graphs and diagram, links to popular financial sites, etc.
  • are based on a detailed analytical article providing arguments in favour of these particular shares.
  • include text tricks to mask typical spam content, like interspersing words with gaps and symbols, replacing letters with figures, etc.


As mentioned above, the Personal Finance spam messages are usually written in English. But this year has seen several examples of Russian-language spam in this category.


Spam and phishing in Q1 2018

The quarter’s main topic, one that we will likely return to many times this year, is personal data. It remains one of the most sought-after wares in the world of information technology for app and service developers, owners of various agencies, and, of course, cybercriminals. Unfortunately, many users still fail to grasp the need to protect their personal information and don’t pay attention to who and how their data is transferred in social media. Read Full Article


Tens of thousands per Gram

In late 2017, information appeared on specialized resources about a Telegram ICO to finance the launch of its own blockchain platform. The lack of information provided fertile ground for scammers: the rumors prompted mailshots seemingly from official representatives of the platform, inviting people to take part in the ICO and purchase tokens. Read Full Article


Every little bitcoin helps

It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail. Read Full Article


IT threat evolution Q3 2017

Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article


Spam and phishing in Q3 2017

In terms of the average share of spam in global email traffic (58.02%), the third quarter of 2017 was almost identical to the previous reporting period: once again growth was slightly more than one percentage point – 1.05 (and 1.07 p.p. in Q2 2017). As in previous quarters, spammers were quick to react to high-profile events and adapted their fraudulent emails to the news agenda. Read Full Article


Spam and phishing in Q2 2017

In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware. Read Full Article