Skip to main content

Woburn, MA – February 15, 2018 – According to Kaspersky Lab’s “Spam and Phishing in 2017” report, criminals have been following a global agenda by using hot topics such as FIFA 2018 and Bitcoin to fool users and steal their money or personal information in the last 12 months.

Spammers have shown themselves to be thoughtful actors, instantly monitoring global issues and major events worldwide with one main purpose – to capture and capitalize on their victim’s attention. Kaspersky Lab’s ongoing research on spam and phishing activities confirms the methods used by spammers are effective, due to users’ decreased attention and increased unconditional trust. These factors combined mean that people are more likely to follow false instructions.

While the world was intensively preparing for FIFA 2018 last year, spammers have been actively spreading related emails. Thus, they’ve been sending victims fraudulent messages with official logos of the event, including organizers and sponsor brand information, and notifying users about lottery wins and even promising free tickets.

Another hot spam and phishing topic in 2017 was cryptocurrency - as Bitcoin’s price drastically increased. Kaspersky Lab researchers have previously recorded a growth in blockchain-themed tricks in the third quarter of 2017. By the end of the year, an extensive arsenal of spammer tools was noted.

According to Kaspersky Lab’s discoveries, criminals have been using tricks such as websites disguised as cryptocurrency exchanges or fake services offering cloud mining (i.e. the use of specialized data centers for rent). But in all cases, users became victims - losing money instead of earning any profit. In more traditional fraud schemes, such as fake lottery winnings, criminals have also started to use Bitcoin as bait. In addition to targeted address databases advertised through spam, databases with emails for cryptocurrency users have also been offered for purchase, promising great opportunities.

Moreover, criminals have distributed different types of malware in spam emails, under the guise of utilities for earning Bitcoins, or instructions for cryptocurrency trading. However, importantly, Cryptolockers, whose creators demanded a Bitcoin ransom, have been detected in spam letters less than in the previous year.

Overall, the average amount of spam in 2017 decreased to 56.63 percent, which is 1.68 percent less than in 2016. At the same time, the number of phishing attacks increased – the Kaspersky Lab Anti-Phishing system was triggered 246,231,645 times on the computers of Kaspersky Lab users, which is 59 percent higher than in 2016.


The proportion of spam in email traffic in 2017

“In 2017 we saw a slight decrease in spam activities, but throughout the year, spammers haven’t missed any reason to steal users’ personal information, keeping their eyes on what’s happening in the world. As sports events such as the upcoming FIFA World Cup and others take place, their activity will only increase,” said Darya Gudkova, spam analyst expert, Kaspersky Lab. “Moreover, in 2018 we expect further development and growth of cryptocurrency-related spam and phishing - with more cryptocurrency diversity besides Bitcoin, which was widely used in the previous year, and with 'pump and dump' schemes.”

Other important trends and statistics in 2017, highlighted by Kaspersky Lab researchers, include the following:

  • The most popular source of spam was the USA (13.21 percent), followed by China (11.25 percent) and Vietnam (9.85 percent). Others in the top 10 include India, Germany, Russia, Brazil, France and Italy.
  • The country most targeted by malicious mailshots was Germany (16.25 percent), showing a slight increase (2.12 percent) compared to 2016. Others in the top 10 include China, Russia, Japan, UK, Italy, Brazil, Vietnam, France and UAE.
  • The largest percentage of users affected by phishing was in Brazil (29.02 percent). Overall, 15.9 percent unique users of Kaspersky Lab products worldwide were attacked by phishing.

Kaspersky Lab recommends home users install a reliable security solution, such as Kaspersky Total Security, which is able to detect and block phishing attacks and spam in standalone email clients.

Businesses are recommended to use security solutions with dedicated functionality aimed at detecting and blocking phishing, malicious attachments and spam. Businesses can protect their on-premises email systems with targeted applications inside Kaspersky Endpoint Security for Business suite.

This year, Kaspersky Lab is offering a new product — Kaspersky Security for Microsoft Office 365 — to help customers extend protection to the cloud-based mail service Exchange Online inside the Microsoft Office 365 suite.

Learn more about spam and phishing in 2017 on

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company that celebrated its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact
Jessica Bettencourt 

Kaspersky Lab Spam and Phishing report: FIFA 2018 and Bitcoin among 2017’s most luring topics

According to Kaspersky Lab’s “Spam and Phishing in 2017” report, criminals have been following a global agenda by using hot topics such as FIFA 2018 and Bitcoin to fool users and steal their money or personal information in the last 12 months.
Kaspersky Logo