Canadian Underwriter
News

Cybercriminals used WannaCry epidemic to promote fraudulent services, Kaspersky report says


August 22, 2017   by Canadian Underwriter


Print this page Share

Cybercriminals involved in spam distribution tried to capitalize on public fears of the WannaCry ransomware epidemic with spam and phishing emails offering cyber protection, a new report from Kaspersky Lab has found.

The Spam and phishing in Q2 2017 report, released on Tuesday, said that researchers from the cybersecurity company detected “a large amount of spam messages offering services such as protection from WannaCry attacks, data recovery, and, moreover, educational workshops and courses for users.”

“The WannaCry ransomware attack affected more than 200,000 computers across the globe, resulting in massive panic, and spammers instantly capitalized on the opportunity,” Kaspersky said in a statement. “Spammers successfully implemented a traditional scheme of fraudulent offers to install software updates on affected computers, which instead redirected people to phishing pages aimed to steal the personal data of victims.”

Another top trend report in the second quarter of 2017 was the number of mass mailings targeted at corporate networks, Kaspersky said in the statement. These mailings have expanded since the beginning of the year, the cybersecurity company reported, and spammers began to “widely disguise malicious mailings as corporate correspondence, by using the identities of corporate mail services, including real signatures, logos and even banking information.” In archives attached to the email, cybercriminals sent out exploit packages targeted at stealing FTP, email and other passwords. “Most attacks on the corporate sector have financial goals,” Kaspersky added.

The second quarter also saw a growth in the number of mass mailings with malicious Trojans, sent on behalf of international delivery services. “Spammers were sending shipping reports with information about non-existent parcel deliveries, the statement said. “With the aim to infect computers or to steal personal credentials, criminals were found spreading download links with malware, including the banking Trojan Emotet, which was first detected back in 2014.” Overall, the volume of malicious mass mailings increased by 17% from the first quarter, the report said.

“During the second quarter of the year, we have seen that the main trends in spam and phishing attacks have continued to grow,” said Darya Gudkova, spam analyst expert at Kaspersky Lab, in the statement. “The use of WannaCry in mass mailings proves that cybercriminals are very attentive and reactive to international events. Moreover, cybercriminals have started to focus more on the B2B sector, seeing it as lucrative. We expect this tendency will continue to grow, and the overall amount of corporate attacks, and their variety, will expand.”

Other trends and statistics in the report include:

  • As in Q1, the main targets of phishing attacks remained the same and were primarily from the financial sector: banks, payment services and online stores;
  • The average amount of spam has increased up to 56.97% from the previous quarter. Vietnam became the most popular source of spam, overtaking the United States and China;
  • The country most targeted by malicious mailshots was Germany. The leader of the previous period, China, came second, followed by the United Kingdom, Japan and Russia. Other popular targets include Brazil, Italy, Vietnam, France and the U.S.; and
  • The Kaspersky Lab Anti-Phishing system was triggered 46,557,343 times on the computers of Kaspersky Lab users. The largest percentage of affected users were in Brazil (18.09%); Canada had 11.28% of affected users. Overall, 8.26% unique users of Kaspersky Lab products worldwide were attacked by phishing.