Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/23/2014
12:41 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Financial Data Leads The Malicious Spam Hit List For Third Year In A row

In some spam categories commercial advertising is being gradually displaced by criminal mailings

ABINGDON, England, January 23, 2014 /PRNewswire/ --

The proportion of spam in email traffic continues to fall - in the last three years the share of unsolicited messages has fallen by 10.7 percentage points. It appears that advertisers increasingly prefer the various types of legitimate online advertising that are now available and which generate higher response rates at lower costs than spam can offer.

The criminalisation of spam

In some spam categories commercial advertising is being gradually displaced by criminal mailings, such as spam messages, advertising illegal goods or pornography. A typical example is the Travel and Tourism category that used to account for 5-10% of all spam traffic. These days, commercial adverts like this are rare, but the experts see numerous malicious emails actively exploiting the subject of travel and leisure.

Fake antivirus vendor messages

It is common for IT security experts to recommend that users regularly update their antivirus solutions, and that is something that cybercriminals tried to take advantage of in 2013. In emails that appear to be sent by well-known antivirus vendors such as Kaspersky Lab, McAfee, ESET, Symantec etc., they urged users to update their systems immediately using an attached file. The attachment turned out to contain a Trojan from the infamous ZeuS/Zbot family that is designed to steal sensitive user data, particularly financial information.

Darya Gudkova, Head of Content Analysis at Kaspersky Lab, commented: "For the third year in a row the most prevalent malware spread by email were programs that attempted to steal confidential data, usually logins and passwords for Internet banking systems. At the same time, however, phishing attacks are shifting from bank accounts to social networking and email. This can be partly explained by the fact that today's email accounts often give access to a lot of content, including email, social networking, instant messaging, cloud storages and sometimes even a credit card."

'Gray' mailings: bypassing the spam filters

In a bid to reach even greater numbers of users, but wary of spam filters that block unwanted messages, advertisers are resorting to trickery. Part of a mass mailing is sent to subscribers who have agreed to receive adverts, and part is sent to addresses taken from huge databases these companies have purchased - to people who never gave their consent to receive such messages. If the mailings are blocked by spam filters, the advertisers contact the security vendor and try to prove their mailings are legitimate by showing the websites where users sign up and can unsubscribe at any time. This poses a new challenge for the anti-spam industry and is leading to the development of new technologies based on sender reputations.

Where's the spam coming from?

Asia accounted for 55.5% of the world's spam in 2013 (an increase of 5.3 percentage points compared to 2012), followed by North America with 19% (+ 3.2 points). Eastern Europe's share almost doubled compared to the previous year, placing the region in third with 13.3%. Western Europe remains in fourth place despite a decrease of 2.4 percentage points, while the share of Latin America in fifth place amounted to a threefold drop compared to 2012.

For more information about spam in 2013, please go to securelist.com

[http://www.securelist.com/en/analysis/204792322/Kaspersky_Security_Bulletin_Spam_evolution_2013

] .

Additional reading:

Spam in December 2013

[http://www.securelist.com/en/analysis/204792323/Spam_in_December_2013 ]

About Kaspersky Lab

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers.

Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at http://www.kaspersky.com.

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published in the IDC report "Worldwide Endpoint Security 2013-2017 Forecast and 2012 Vendor Shares (IDC #242618, August 2013). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2012.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
GitHub Named in Capital One Breach Lawsuit
Dark Reading Staff 8/14/2019
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
The Flaw in Vulnerability Management: It's Time to Get Real
Jim Souders, Chief Executive Officer at Adaptiva,  8/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5034
PUBLISHED: 2019-08-20
An exploitable information disclosure vulnerability exists in the Weave Legacy Pairing functionality of Nest Cam IQ Indoor version 4620002. A set of specially crafted weave packets can cause an out of bounds read, resulting in information disclosure. An attacker can send packets to trigger this vuln...
CVE-2019-5035
PUBLISHED: 2019-08-20
An exploitable information disclosure vulnerability exists in the Weave PASE pairing functionality of the Nest Cam IQ Indoor, version 4620002. A set of specially crafted weave packets can brute force a pairing code, resulting in greater Weave access and potentially full device control. An attacker c...
CVE-2019-5036
PUBLISHED: 2019-08-20
An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a specially cr...
CVE-2019-8103
PUBLISHED: 2019-08-20
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation ...
CVE-2019-8104
PUBLISHED: 2019-08-20
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation ...