Woburn, MA – May 28, 2014 – In its latest report, Kaspersky Lab highlights the spam activity
from April 2014. The report shows how malicious attachments in April were
as e-greetings and notifications about faxes. Also, the percentage of spam in
global email traffic in April averaged 71.1 percent - an increase of 7.6 percent
compared to the previous month.
In the case of the former, alleged Easter
greetings turned out to be the Fareit.aonw Trojan with fairly limited
functionality: it didn’t try to steal any passwords, but did download and
launch a far more dangerous Zbot Trojan-Spy designed to attack servers and
steal personal data. The second case involved fake messages from a popular
online fax service. The messages contained a small Trojan downloader that
installed the same spy program from the notorious Zeus/Zbot family.
Lab detected several large malicious attacks in April disguised as faxes sent
by the popular online fax service eFax, which allows users to send and receive
faxes as email attachments. The fake messages usually included a notification
about an incoming fax, and to be more persuasive, it would indicate the number
of pages in the fax. However, the zip file actually contained malware,
specifically Trojan-Downloader.Win32.Cabby.a — a rather small Trojan downloader
that carries a CAB file in its body with the document or graphic that is
displayed to the recipient after launching. While the victim is busy viewing
the attachment, Cabby stealthily downloads another threat. In the cases we
observed, the secondary malicious program was from the same widespread
ZeuS/Zbot family (Trojan-Spy.Win32.Zbot.shqe).
of organizations most frequently targeted by phishers in April was ‘Email and
search engine sites’, accounting for 31.9 percent of attacks. ‘Social networks’ were
in second place with 23.8 percent (a drop of 0.2 percentage points). ‘Financial and
payment organizations’ came third with 13 percent (0.2 percentage points less than March).
target of the month was a large Chinese telecommunications company called
Tencent that, among other things, offers tech support for the QQ instant
messaging client. Scammers tried to get client logins and passwords using some
familiar tricks such as telling users to follow a link to restore access to their
account. The link actually led to a phishing site. The notification was sent as an image, which helped it bypass spam
filters and made the email look more legitimate.
Quote: Tatyana Shcherbakova, Senior Spam
Kaspersky Lab “Last
month, we saw a new wave of so-called pump and dump spam. The scammers behind
these mailings advertised offers to buy stock in a certain company at super low
prices, which were allegedly meant to increase considerably in the near future.
As a result, the demand for the stock in the company rose, the prices became
artificially inflated — and the scammers would then sell off their stock in
said company. The stock prices would then begin to fall, and the bamboozled
investors were left with depreciated shares and lost their investments. As a
rule, scammers tend to choose little known companies for these schemes, where
the stock is traded on a secondary market. In April, they used Rich
Pharmaceuticals, a US company.”
percentage of spam in global email traffic in April averaged 71.1 percent - an
increase of 7.6 percentage points compared to the previous month.
Kaspersky Lab Kaspersky Lab
is the world’s largest privately held vendor of endpoint protection solutions.
The company is ranked among the world’s top four vendors of security solutions
for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has
remained an innovator in IT security and provides effective digital security
solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its
holding company registered in the United Kingdom, currently operates in almost
200 countries and territories across the globe, providing protection for over
300 million users worldwide. Learn more at
* The company was rated fourth in the IDC rating
Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published
in the IDC report "Worldwide Endpoint Security 2013–2017 Forecast and 2012
Vendor Shares (IDC #242618, August 2013). The report ranked software vendors
according to earnings from sales of endpoint security solutions in 2012.
the latest in-depth information on security threat issues and trends, please