Spam in January 2012
The main topics exploited in spam mailings in January 2012 were Valentine’s Day, elections in Russia and the USA as well as the upcoming London Olympics.
The lion’s share of Valentine’s spam was distributed by partner programs offering flowers for sale, with program participants getting a cut from every customer they attracted. One of the traditional types of spam at this time of year is malicious messages imitating Valentine’s Day e-cards. Users should be particularly vigilant with all e-cards received from people they don’t know, especially those with an .exe link.
The first month of 2012 saw spammers making active use of upcoming elections in both Russia and the USA. The mailings contained messages canvassing for potential candidates and included unflattering videos of their opponents. Interestingly, French spam lacked any political overtone despite forthcoming presidential elections there. The spam analysts at Kaspersky Lab expect no let-up in the amount of political spam in the coming year compared with 2011.
Sporting themes have also become “newsworthy” for the fraudsters. The 2012 Olympic Games is the bait exploited by “Nigerian” spammers to distribute emails containing fake notifications of Olympic lottery wins. Advanced Internet users have no difficulty in recognising them as fraudulent messages, but less experienced users can easily fall victim to such scams.
Sources of spam
India and Indonesia remain the two biggest sources of spam. South Korea rounded off the top three in January after rising two places. The first six places in the rating of the most popular spam sources were occupied by Asian and Latin American countries.
According to data gathered from the cloud-based threat monitoring system Kaspersky Security Network1, phishing links are clicked from mail clients in about 65% of cases. In about 26% of cases phishing links are clicked directly from Internet browsers, including links clicked on webmail interfaces and social networking sites. Financial and e-pay organisations as well as banks are traditionally the prime targets for phishing attacks. In January, almost a quarter of the anti-phishing detections registered by Kaspersky Lab came from phishing sites designed to steal users’ bank and e-pay accounts.
Online stores and e-auctions were the second most popular target for the phishers followed by social networks and search engines in third and fourth places respectively.
The full version of the spam activity report for January 2012 is available at: www.securelist.com.