The threat landscape is constantly expanding and threat actors have become more dangerous than ever as they are more sophisticated and attacks are complex with huge impacts on businesses and individuals alike. While ransomware remains the top threat, spam and phishing attacks have gained immense popularity among attackers. Let us go through some of the trends observed in Q3. 

Getting into the details

These findings have been revealed by Kaspersky.
  • Sports-related fraud witnessed quite a high because of the delayed Euro 2020 soccer tournament and Tokyo Olympics. In addition, scammers have already started leveraging the upcoming FIFA World Cup in 2022 by promoting fraud giveaways. 
  • Attackers attempted to cash in on anniversaries of brands, such as IKEA, Tesco, and Amazon, by creating fake sites related to the brands and holding prize draws or surveys. 
  • Q3 observed a rise in fake resources impersonating as cookie-selling platforms. Targets were promised huge monetary rewards to sell those data. As we know, users were duped of their money, along with giving up their banking credentials to the scammers.
  • A new threat in the form of fraud welfare payment apps came to the surface, which could be downloaded from official mobile app stores. 
  • Spam support emails gained traction. This time, the phishing emails mostly informed the targets of unexpected purchases, account deactivation requests, or bank card transactions to frighten them and have them call the fake support number provided in the email. 
  • COVID-19 spams increased with new vigor with the mass vaccination programs across the world and the introduction of certificates as evidence for vaccination. The fraudsters were found selling negative PCR test certificates, asking the customers to provide their personal information and card details. Another common COVID-19 topic included the propagation of the delta variant and vaccination against it.
  • Another new trend observed in the third quarter of the year was spam emails targeted at corporate accounts. 

Some stats your way

  • The average number of spam in global email traffic came up to 45.47%, which is slightly lower than that observed in Q2. 
  • Russia remains the top source of spam at 24.90%, followed by Germany (14.19%) and China (10.31%). 
  • The most widespread trojans belonged to the Agensla family at 9.74%, with Badun (6.89%) and Noon spyware (5.19%) at the second and third places, respectively. 
  • Phishing attacks affected Brazil the most at 6.63%, closely followed by Australia (6.41%), Bangladesh (5.42%), and Israel (5.33%). 

Latest phishing attacks

  • A hacker stole $55 million worth of various cryptocurrencies from DeFi firm bZx after one of the company’s developers fell prey to a phishing attack. 
  • A new phishing campaign was found infecting users with the MirCop ransomware that can encrypt a system in less than 15 minutes. The ransomware takes screenshots, locks files, changes the background to a zombie-themed image, and then provides the victims with instructions on how to move forward. 
  • A new, sophisticated GLS spam campaign was underway that leveraged advanced obfuscation tactics to bypass spam filters.

The bottom line

The last quarter of 2021 is expected to witness increasing spam and phishing emails around Christmas and New Year events. As many people make online purchases, cybercriminals are expected to definitely exploit it. Users are recommended to beware of anonymous fake store giveaways or fraudulent copies of big trading platforms. The attack surface for cybercriminals is ever-increasing with the rapid pace of digital transformation and businesses and individuals are advised to follow best cybersecurity practices and implement proactive cybersecurity defenses.

Cyware Publisher

Publisher

Cyware