In the first quarter of 2014 spammers started imitating messages from mobile applications. They especially like the popular mobile messengers – WhatsApp, Viber and Google Hangouts. Notifications supposedly sent from these applications were used to spread both malware and harmless adverts. The rising popularity of mobile devices means that phishing attacks targeting Apple IDs are becoming more frequent.
Many gadget owners are used both to synchronisation of their contacts and to the fact that messages from mobile applications can arrive via email, so few would be suspicious of the fact that WhatsApp is not directly linked to an email service. This lack of caution could prove costly, since the attached archive contained the notorious Backdoor.Win32.Androm.bjkd, whose main function is to steal personal data from users.
“Recently we have seen a growth in the number of attacks targeting mobile users. Gadgets have become popular even among those who had little interaction with computers and are less familiar with computer security. This opens up new vectors of attacks for spammers and phishers.
To protect themselves, users should remember not to open emails from unknown senders and especially not to click any links in these emails, which inevitably pose a risk to user security. Clicking unsafe links threatens user security regardless of which device is used – they pose a danger to desktop computers and mobile gadgets alike,” said Darya GudkovaHead of the Content Analysis & Research Department at Kaspersky Lab.
Where has the spam gone?
The list of countries most frequently targeted by malicious emails has undergone some changes since the third quarter of last year. The US’s share (14 per cent) grew 3.68 percentage points while the contribution of the UK (9.9 per cent) and Germany (9.6 per cent) decreased by 2.27 and 1.34 percentage points respectively. As a result, the US, which was third in the previous quarter, returned to the top of the rating in Q1 2014.
Sources of spam by country
The top three spam sources remained unchanged from the previous quarter: China (-0.34 percentage points), the US (+1.23 percentage points) and South Korea (-0.91 percentage points).
Phishing
The email and search portals category topped the rating of the phishers’ most popular targets (36.6 per cent of all attacks). Second came social networking sites with 26 per cent followed by financial and e-pay organisations and banks (14.7 per cent)
Malicious attachments in email
The main goal of most malicious programs distributed via email is to steal confidential data. However, in Q1 malware, capable of spreading spam and launching DDoS attacks was also popular. Most popular malicious programs are now multifunctional: they can steal data from the victim’s computer, make the computer part of a botnet, or download and install other malicious programs without the user’s knowledge.
The percentage of spam in email traffic
The percentage of spam in total email traffic during the first quarter of the year came to 66.34 per cent, down 6.42 percentage points from the previous quarter. However, compared with the same period of Q1 2013, the share of spam in Q1 2014 barely changed, falling by only 0.16 percentage points.
The full report is available at securelist.com
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.