Spam in the second quarter of 2015: global events and $ 2 million as a gift

The latest Kaspersky Lab report - "Spam and phishing in the second quarter of 2015" - shows that in the analyzed period, fraudulent messages based on real events prevailed in unwanted e-mail correspondence. The cyber-fighters were targeted mainly by people interested in the earthquake in Nepal, the presidential election in Nigeria and the Olympics in Rio de Janeiro.
Although the percentage of unwanted messages in e-mail traffic dropped by 5.8 percentage points in relation to the previous quarter (from 59.2% to 53.4%), in the second quarter of 2015 the trend of using global news events significantly strengthened spam. Some shipments contained fake messages asking recipients for donations to victims of the Nepal earthquake.

In other mass news, scammers tried to lure buyers with the sum of $ 2 million, which the newly elected president of Nigeria was supposedly willing to transfer as compensation. Subsequent shipments contained fake notifications about winning the lottery in the form of tickets for the Olympic Games in Brazil in 2016, by means of which the cybercriminals wanted to persuade the recipients to pass on their personal data to the fraudsters, allegedly to collect "winnings".

Tatiana Shcherbakova, a spam analyst, Kaspersky Lab, said:

"In the second quarter of 2015, spammers used tragic events to attract users' attention. This tactic has been used by fraudsters before, but now, when events such as the earthquake in Nepal are widely reported by the media around the world, similar messages have a greater chance to arouse compassion at the recipients. In order to maintain security, users should not open e-mails from unknown senders, click on links contained in them or open any attachments. This recommendation is even more important today because some fraudsters are trying to make the name and address of the sender look more like the legal ones. "

You are targeting malicious advertising e-mails

In the second quarter of 2015, there were significant changes in the top three countries that are the most frequent target for harmful advertising. In the analyzed period, Germany (19.59%) topped the ranking, which was only fourth in the first quarter. Great Britain, the leader of the ranking in the first quarter of 2015, fell to the second position (6.31%), while Brazil - to the third (6.04%).

The US came in fourth place (5.03%), which traditionally is the country most often attacked using malicious advertising. In turn, Russia, which in the previous quarter was only 10th, climbed to the fifth position.

The countries from which the most spam comes

The United States (14.59%) and Russia (7.82%) remained the largest source of spam. China came third with 7.14% of global spam. For comparison, in the previous quarter the percentage of unwanted messages from this country was 3.23%. Vietnam was followed by consecutive positions (5.04% compared to 4.82% in Q1), Germany (4.13% compared to 4.39% in Q1) and Ukraine (3.9% in compared to 5.56% in the first quarter).


In the second quarter of 2015, Kaspersky Lab products have protected users around the world from more than 30 million phishing attacks. During the period under investigation, Kaspersky Lab has added to its databases more than half a million new phishing mask addresses (one such mask may include many malicious online resources).

The percentage of spam in email traffic

Since the beginning of the year, Kaspersky Lab experts have seen a significant global decline in the share of spam in e-mail traffic, but this trend has been almost halted. In the second quarter of 2015, the level of unwanted messages stabilized, fluctuating between 53.5% in April and 53.23% in June.

Malicious attachments in e-mail messages

Trojan-Spy.HTML.Fraud.gen appeared at the top of the ranking of malicious programs sent via e-mail. This program is a fake HTML page that is sent by email and imitates important notifications from a bank, online store, software developer, etc. This threat is a phishing web page where the user has to enter his personal data, which are then sent to cybercriminals.

The full report "Spam and phishing in the second quarter of 2015" is available in English on the service run by Kaspersky Lab: .

source: Kaspersky Lab

Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.