Spam in September: Ebola in “Nigerian” letters

By   ISBuzz Team
Writer , Information Security Buzz | Oct 26, 2014 05:03 pm PST

Spammers produced topical new versions of the old “Nigerian Letter” scam, this time based on the Ebola virus. According to Kaspersky Lab experts, several mass mailings in September exploited this theme.

Spam in figures

·         The percentage of spam in September’s email traffic averaged 66.5%, which is 0.7 percentage points down from August;
·         The main distributors of spam were the USA (12%), Vietnam (9.3%) and Russia (5.8%);
·         In September, Germany became the country with the most antivirus detections (9.11%) followed by the UK (8.45%) and the USA (8.26%);
·         Financial phishing accounted for 36.97% of all detections made by Kaspersky Lab’s anti-phishing component, a 1.7 pp growth compared with the previous month.

“Infected” spam

In September, we came across an email from a rich Liberian lady dying of Ebola. It contained a long story about her children who died from the virus and about a local medical centre that refused to help her. She was willing to donate more than $1.5 million to a recipient who would transfer this money to appropriate charities.

The authors of another fraudulent mailing introduced themselves as employees of the World Health Organisation and tried an unusual tack to attract attention – the reader was invited to a conference where Ebola would be discussed along with other medical issues. The recipient was also offered a job – paying 350,000 Euros a year – and a complementary car to take up a position as the WHO’s UK representative.

Featured Download: CISO Data Breach Guide

“Spammers routinely try to exploit breaking news and topical events. The scammers seldom miss an opportunity to use high-profile events to attract the users’ attention and convince them that these fraudulent emails are for real. So after the first news reports about Ebola emerged in July, it was no surprise to start seeing related mass mailings as early as September, exploiting the headlines to deceive recipients and extort money from them,” commented Tatyana Shcherbakova, Senior spam analyst at Kaspersky Lab.

Among the more unusual mailings of the month, we saw spam messages targeting collectors. English-language users were offered a free booklet on British medals from the First World War. The emails with the generous offer supposedly came from the SSAFA, a charity created to assist British war veterans and their families.

The full text of the September report is available on the Securelist website.

About Kaspersky Lab

kaspersky labKaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 17-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at