Spam in January: fake WhatsApp notifications and real stars for Valentine’s Day

The analysts at Kaspersky Lab have published the results of the company’s spam monitoring for the first month of 2014.

Top 3 stories in January

• Detection of emails claiming to be from the popular WhatsApp messenger for smartphones. The messages stated that an attached archive contained a photo from a “friend”. The attachment actually contained a malicious program detected by Kaspersky Lab as Backdoor.Win32.Androm.bjkd – a notorious backdoor whose main functionality is to download other malware on the victim computer and steal personal data.
• A popular theme in January was that of video surveillance systems to help secure private and commercial premises. The English-language spam on this theme focused on personal safety and the possibility of keeping an eye on husbands and wives, as well as health visitors and workmen in private homes.
• In the run-up to Valentine's Day English-language spam included the traditional ‘flower’ partner mailings and suggestions for a romantic meal or trip, as well as adverts offering some very unusual gifts such as a real star in the sky.

In January, scammers continued to send out ‘Nigerian’ letters exploiting the deaths of former Israeli prime minister Ariel Sharon and South Africa’s ex-president Nelson Mandela. One ‘Nigerian’ letter was supposedly written by the lawyer of the late president’s second wife. It stated that his ex-wife and her lawyer needed help to obtain a huge amount of money and gold bars and assistance to invest it. They claimed they were searching for a respectable person who had to be a foreign citizen. Another similar letter claimed to come from Mandela’s third wife Graca Marshal. The scammers tried to win the recipient’s sympathy with a sad tale about the struggle for his millions within the Mandela family. The fraudsters asked for help in transferring money and keeping it safe in an account belonging to the recipient.

Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab, commented: “Trojan-Spy.html.Fraud.gen remained the most widespread malicious program. It belongs to a family of Trojan programs that use spoofing technology to imitate HTML pages, and are distributed via email in fake notifications from major commercial banks, software developers and e-stores. After opening one of these pages, users enter their login details, which is then passed on to cybercriminals who gain full access to the victims’ confidential information.”

Statistics

• The share of spam in global email traffic decreased by 7.6 percentage points and averaged 65.7% in January. The drop in the proportion of spam was due to a traditional lull in activity at the beginning of the year.

Leader of the month - USA

• The USA (+3.5 percentage points, 16%) topped the rating of countries with the highest number of mail antivirus pushing the UK down to second (-3.41 percentage points, 10%). Germany remained third (-0.39 percentage points, 10%).
• The USA replaced China as the biggest source of spam (21.9%). China’s contribution (16%) fell by 7 percentage points, leaving it in second place. South Korea was third once again (12.5%).

The full report is available at securelist.com.