Fraud-minded spammers continue to globally exploit the zeitgeist of current events that make opening unsolicited email irresistible, accounting for the 59 percent increase in phishing attacks last year compared to the previous 12 months, summed up Kaspersky Lab in its “Spam and Phishing 2017” analysis.
Spammers took advantage of the bitcoin surge at the end of the year by fooling unsuspecting recipients with get-rich-quick offers to steal their money or personal information.
“We expected this growth,” comments Nadezhda Demidova, lead web-content analyst at Kaspersky Lab. “At some point the attacks became more targeted and the cyber-criminals focused on this … even fairly simple examples of phishing can be tailored to the victim on the fly.”
The report was based on attacks detected in 2017 by the Kaspersky Lab Anti-Phishing system, triggered last year 246,231,645 times on users' computers, which is 59 percent higher than in 2016, when phishing attacks were increased only by 4.5 percent.
Spam accounted for 56.63 percent of email traffic, dropping 1.68 percent compared with 2016. (Kaspersky didn't indicate what percent of spam had malicious intent, containing malware, etc.)
Other report highlights:
• More spam emanated from the US (13.21 percent) than any other country, followed by China (11.25 percent) and Vietnam (9.85 percent).
• Others in the top 10 include India, Germany, Russia, Brazil, France and Italy.
• Germany was targeted more than any other country (16.25 percent). Others in the top 10 include China, Russia, Japan, UK, Italy, Brazil, Vietnam, France and UAE.
• Brazil suffered the most from phishing attacks (29.02 percent)
• Overall, 15.9 percent unique users of Kaspersky Lab products worldwide were attacked by phishing
Closely watched events such as the FIFA World Cup 2018 have inspired phishing attacks casting a wide net on football fans. The report cites spammers that actively spread fraudulent emails with official logos of the event, including organisers and sponsor brand information, and notify future victims about lottery wins and free tickets.
This year Kaspersky anticipates other cryptocurrency “pump and dump” schemes to follow the 2017 Bitcoin fad. “Everything will depend on the prices of crypto-currencies and the level of excitement around them,” Demidova says. “Given the level of interest around the crypto currency, not only technically savvy people are interested in this topic.”
Kaspersky is seeing spam letters under the guise of utilities for earning Bitcoins as bait, instructions for cryptocurrency trading, and offers for cryptolockers that result in Bitcoin ransom demands. Monitoring rent proposals for unused computing power to cloud mining specialised data centres, Kaspersky found “in all cases, users became victims, losing money instead of earning any profit.”