Subscribe & Follow
Jobs
- Senior .Net Developer Cape Town
- Intermediate Full Stack Software Engineer Bedfordview
- Senior .Net Developer Cape Town
- Senior C# Developer Johannesburg
- Machine Learning Engineer Johannesburg
- Senior Data Scientist Cape Town
- Senior Data Analyst (SQL - ODS) Cape Town
- Senior Information Manager Johannesburg
- Senior C# Software Developer Johannesburg
- Mid-level Senior Developers George
Kaspersky Lab reveals spam and phishing findings
In a bid to persuade users to open these attachments, spammers imitated legitimate notifications from popular internet services and logistics companies such as Amazon, UPS or Western Union. As expected, social networking sites remained the most attractive target for phishers.
Most of the world's spam originated from two countries - China (21.4%) and the United States (16.3%). South Korea completed the top three - its contribution continued to grow and reached 12% in May.
Holiday- and lottery-related spam
Spammers continued to exploit national holidays in the US - Mother's Day and Memorial Day - to advertise goods and services. After Valentine's Day, Mother's Day is the second most active holiday for spam mailings, and the quantity of spam from "flower" partner programmes increases dramatically in the preceding days and weeks.
Our experts warn that not all of this holiday-related spam is a harmless inconvenience: users' personal data - including banking credentials - may be the spammer's main target. For instance, a number of phishing messages were sent in May disguised as Microsoft customer service support emails with the specific aim of stealing personal data.
The messages, which at first glance appear to come from the perfectly legitimate microsoft.com domain, stated that the user's "Microsoft Window" records would be suspended due to updates - supposedly recommended in earlier messages - not being installed. Recipients are told to immediately follow the link in the email to avoid any disruption. Users who fell for the scam ended up on a phishing site specially crafted to steal personal information.
Other mass mailings contained fraudulent notifications of wins in a non-existent lottery that was supposedly organised by Microsoft. In some mailings the scammers sent notifications about the supposed win and asked recipients to contact them for more information, while other messages promised huge sums of money while asking for a small payment to cover the costs of processing the winnings.
Exercise caution
As the holiday season gets underway internationally, experts anticipate a further increase in the number of fake notifications sent allegedly on behalf of well-known companies.
"We advise caution if you receive a notification from any service. Remember that official mailings never ask customers to enter and confirm personal or banking information via links contained in emails. Nor do they threaten to block customer accounts.
"Never click on a link if your antivirus programme or a browser has blocked it. Pay close attention to the links in the message. If the link indicated in the email leads to an unofficial site or if the text of the email shows the address of the official website while the link leads to another page, this is a clue that you may have a phishing email in front of you. If you have any doubts about the authenticity of the email, contact the customer support of the organisation which supposedly sent the email and find out whether this mass mailing really was sent out," says Darya Gudkova, head of content analysis and research at Kaspersky Lab.
The full version of the spam report for May 2013 is available at www.securelist.com.
For more information on Kaspersky Lab, go to www.kaspersky.co.za.