Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/31/2011
03:06 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Kaspersky Lab: Phishing Attacks On eBay Halved In April

Per usual, spammers exploited Easter to attract more attention to their mass mailings

Abingdon, UK, 31 May 2011 – Compared to the previous month, the amount of spam in email traffic increased by 1.2 per cent and averaged 80.8 per cent, according to Kaspersky Lab’s most recent monthly spam assessment. In the second half of April, the average figure exceeded 83.6 per cent, suggesting that the share of unsolicited mail will continue to grow in the coming months.

In April, phishers seemed to lose interest in eBay with almost half as many of its users being attacked compared to the previous month. The subsequent drop of 4.2 per cent saw eBay fall two places to fourth in the top 10 rating of organisations most often targeted in phishing attacks. PayPal was the undisputed leader of April’s rating. However, the intensity of the attacks on this e-pay system has eased off slightly, with a drop of 6 per cent compared to March. Facebook and Santander moved up to second and third respectively, though the number of attacks on these organisations only increased slightly compared with March.

As is usual at this time of year, spammers exploited Easter to attract more attention to their mass mailings. The sheer variety of Easter-themed spam messages was striking – from special weight loss offers to tablets for enhancing sexual potency. Mother’s Day, which is celebrated in many countries in early May, was reflected in numerous adverts for flowers and gifts, while the wedding of Prince William and Kate Middleton was accompanied with offers for souvenirs that included exact replicas of Kate’s engagement ring. Fortunately, the surge in malicious spam exploiting the “wedding of the year” theme that was predicted by antivirus vendors did not materialise.

India and Brazil remained the most popular sources of spam, accounting for 12.76 per cent and 7.15 per cent of the total volume of spam respectively. Russia continued its slide down the rating of most popular spam sources, being overtaken by South Korea whose contribution to global spam almost doubled compared with March’s figure.

Of particular interest in April was the appearance of Packed.Win32.Katusha.n and Trojan-Downloader.Win32.FraudLoad.hxv in the rating of malicious programs blocked by mail antivirus. Both malicious programs are linked to fake AV: the former is used to pack them while the latter downloads them to users’ computers. In April, malicious files were found in 3.65 per cent of all emails, an increase of 0.43 per cent compared with the previous month. The USA, Russia and the UK continued to occupy the top three places in the list of countries where malware was detected most frequently in mail traffic. There was an increase of 1.93 per cent recorded in the USA, but the figure for Russia decreased by 2.9 per cent compared to March.

A special case was reported in the USA in April, whereby a New York resident named Jeremy Clancy, 28, was so angry with the amount of spam he was receiving in his mail box and on his social network pages that he decided to track down his tormentors. Over the period of a week he found the locations of 23 people whom he suspected of distributing unsolicited correspondence, and in the evenings cut the Internet cables at their houses. On his eighth outing he was apprehended by the police and it was later disclosed that Clancy was suffering from a mental disorder.

-ENDS-

Kaspersky Lab Newsroom

Kaspersky Lab has launched a new online newsroom, Kaspersky Lab Newsroom Europe (http://newsroom.kaspersky.eu/en), for journalists throughout Europe. The newsroom is specifically designed to serve many of the media’s most common requests, making it easier for journalists to find product and corporate information, facts and figures, editorial copy, images, videos and audio files, as well as details about the appropriate PR contacts.

About Kaspersky Lab

Kaspersky Lab is the largest antivirus company in Europe. It delivers some of the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world’s top four vendors of security solutions for endpoint users. Kaspersky Lab products provide superior detection rates and one of the industry’s fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky' technology is also used worldwide inside the products and services of the industry’s leading IT security solution providers. Learn more at www.kaspersky.co.uk. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit http://www.securelist.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.