General22.04.2013

Spammers are sharing Hugo Chavez’s legacy

After a sharp increase in spam volumes in February, March saw the flow of junk mail stabilise at a level of 70.1%. Despite this reduction, however, users could not afford to relax since at the same time the share of malicious attachments in unsolicited e-mail correspondence increased by 1.2 percentage points in March and averaged 4%.

The death of Venezuela’s President Hugo Chavez not only hit the global headlines – it also alerted fraudsters to the Latin American country. There was an instant reaction to the news, and it immediately began to appear in mass mailings. One example claimed to come from the chief of Venezuela’s sea ports, who was apparently looking for help to recover the money he had received after selling diesel fuel to South Sudan. In the first email the scammers did not offer any specific reward, aiming simply to generate interest and get responses. Only later in the correspondence was any cash reward discussed.

Yet another mass mailing was sent supposedly on behalf of the head of security and a close friend of Hugo Chavez. As always, the imagination of these “Nigerian” fraudsters knows no bounds: this mythical “friend” has access to the money which the late president kept on the bank account of his secret lover. Apparently, the lucky recipient of this email can cream off 25% of that sum in return for some assistance in transferring this money out of the country.

After a short lull, the scammers distributing malware via email, resumed sending fake notifications from popular online booking services. In March, we registered a new mass mailing allegedly coming from the Atlantic Hotel booking service: the supposed hotel manager informed the recipient that his arrival was expected on March 20, 2013. The attached file contained an archive which, when opened, infected the computer with a Trojan designed to extort money or financial information from users.

March, the U.S. and China vied for top spot among the world’s biggest sources of spam. Last month the battle was won by the Chinese, who accounted for a quarter of all junk mail (+11.4 percentage points). At the same time, the U.S. contribution increased slightly (+0.4% percentage points), remaining in second position.

Italy’s unexpected rise to the 1st place in the rating of email antivirus detections in February (6.6%) did not last – in March it was replaced by the U.S. (13.6%). Germany came 2nd again (11.1%): its share remained almost unchanged from February. It was followed by Australia (7%), whose contribution grew by 1.3 percentage points moving it up from 5th to 3rd place. There was little change to the percentages of the other countries in the rating.

In March, the percentage of phishing emails in total email traffic doubled from February and averaged 0.006%. Social networking sites continued to be the most attractive target for phishers’ attacks. The Top 3 also included Financial and e-pay organisations and Search engines, which came 2nd and 3rd respectively.

The distribution of the Top 100 organisations targeted by phishers, by category

PRess release“March was a stable month for spam. This is reflected not only in the percentage of junk email but also the geographical distribution of its main sources, primarily the United States and China, which totally produced 43% of global spam”, commented Tatyana Shcherbakova, Kaspersky Lab senior spam analyst. “The twofold increase in the amount of phishing emails in March means users must be more watchful with their email. This is particularly true for people with accounts on social networking sites: one third of all phishing attacks targeted this category of users.”

The full version of the spam report for March 2013 is available at securelist.com

 

 

 

Sign up to the MyBroadband newsletter