During the past quarter, political topics were among one of the most interesting for spammers. The upcoming US elections and the candidates involved gave fraudsters a good opportunity to target users. Among other hot topics of the quarter were the Olympic Games in Brazil, with both spammers and phishers earning money from sports fans.
Donald Trump became one of the main topics for the majority of spam emails related to politics. In these emails spammers told their targets about Mr. Trump’s unique methods of making money and invited them to copy Mr. Trump with their own business. To learn more, users were invited to click on the link in the email. The link led to a fake news portal with an article about how Mr. Trump made his money. To start making money themselves, users had to fill in their personal information in the online form on the webpage. The user earned no money but cybercriminals obtained sensitive data.
“Spammers are quite frequently trying to use breaking news and speculate on famous people. Donald Trump was not an exception. Users should be aware of this and remain vigilant in order to mitigate their risk. We also see that social networks are highly attractive for spammers and phishers. If one of your friends is starting to behave differently online and sending provocative links or even tag you or one of your friends under suspicious posts, it’s likely his account has been compromised. Do not click on those links and do not install any software that the system might suggest. Common sense can prevent nearly all infections of this type. In addition, think twice before opening attachments in emails, the risk of infection to your computer is very high”, warns Daria Gudkova, Spam Analysis Expert, Kaspersky Lab.
The Anti-Phishing system was triggered 32,363,492 times on the computers of Kaspersky Lab users. In Q2 2015, the system was triggered 30,807,071 times, which is almost a 5% increase. The largest percentage of users affected by phishing attacks was in China (20.22%) followed by Brazil (18.63%) and Algeria (14.3%). It is worth noting that the percentage of affected users in Q2 2015 was lower, the top three countries were: Brazil (9.74%), India (8.3%) and China (7.23%). The numbers doubled compared to the same quarter of 2015.
An unusual anomaly in the volume of malicious spam traffic was discovered in Q2 – from 1 June to 21 June, when the company’s experts registered a tremendous decrease in malicious spam email campaigns. During that time, there was a 20-fold drop in the average number of spam emails with zip archives, compared to the overall average for the quarter. At the same time, the Necurs botnet mysteriously reduced its fraudulent activities. Kaspersky Lab experts don’t have solid proof that these two events are connected, but it is likely. Several sources on the web reported that the operators behind the Necurs botnet experienced some technical issues resulting in an outage. These problems were apparently quickly fixed, as after 21 June the malicious spam email flow recovered, along with the botnet operations.
In order to stay safe and not fall into the fraudsters trap, Kaspersky Lab encourages you to stay wise while you are online. Do not click on the links and allow the installation of any plugins from suspicious online recourses. In addition, do not disable the Anti-Phishing and Anti-Spam components on your security solutions.