<img src="https://d5nxst8fruw4z.cloudfront.net/atrk.gif?account=5DiPo1IWhd1070" style="display:none" height="1" width="1" alt=""/>

The percentage of Q1-2014 Spam in email traffic

This 2014 Quarterly Spam Statistics Report provides the latest analysis of spam trends, malicious attachments, phishing, and insights from the Kaspersky Lab intelligence team for the 1st quarter 2014. This report provides not only key findings and trends but also spammer methods and tricks as well as spam by source globally.

Key Findings

  • The percentage of spam in total email traffic during the first quarter this year came to 66.34%, down 6.42 percentage points from the previous quarter. The percentage of phishing emails grew threefold and accounted for 0.0071%.
  • Year over Year (YOY), the percentage of spam in total email barely changed

Global Spam Statistics

Spam Email by Country Q1-2014)

The distribution of sources of spam by country, Q1 2014

Statistic: Sources of Spam by Country

The geographical distribution of spam by country saw little change in Q1 2014.

The top three spam sources remained unchanged: China (-0.34 pp), the US (+1.23 percentage points) and South Korea (-0.91 pp). Russia outstripped Taiwan and moved to fourth place, one position up from the previous quarter (+0.34 pp)

Statistic: Sources of Spam by Region

Spam Email by Region Q1-2014

The distribution of sources of spam by region in Q1 2014

In Q1 2014, the rating of the top sources of spam by region did not undergo any major changes from the previous quarter. Asia remained the number one regional source of spam although its share decreased by 3.2 pp. It is followed by North America (-0.01 pp). The share of the other regions grew slightly.

What is the size of spam emails?

In January spam realized some growth in the proportion of 10-20 KB emails. This this is likely due to holiday spam mass mailings which usually contain a larger number of images.

The Top Ten Malicious attachments in email

Trojan-Spy.HTML.Fraud.gen remained the most popular malicious program spread by email in the first quarter of the year. This malicious program is designed to look like an HTML page used as a registration form for online banking services. It is used by phishers to steal financial information.

The top ten list is as follows:

  1. Trojan-Spy.HTML.Fraud.gen (steals financial information)
  2. Net-Worm.Win32.Aspxor.app (spreads spam to infect and collect data)
  3. Email-Worm.Win32.Bagle.gt (used to harvest email addresses)
  4. Trojan.PSW.Win32.Fareit.amzb (steals user logins and passwords, launch DDoS attacks and download and run random software)
  5. Trojan.Win32.Bublik.bwbx (downloads other malware)
  6. Backdoor.Win32.Androm.bngy (allows cybercriminals to secretly control a compromised computer)
  7. Trojan-Downloader.Win32.Dofoil.rqb (similar activities to #2)
  8. Trojan-PSW.Win32.Fareit.anaq (similar activities to #4)
  9. Email-Worm.Win32.Mydoom.I (worms automatically spread to other PCs)
  10. Trojan-Spy.Win32.Zbot.rdhe (steals confidential user information. It can also install CryptoLocker)

Phishing Statistics

Email and Search most Popular Phishing Targets

Despite the fact that user accounts for the email and search portals offer many opportunities, most of these attacks are aimed at gaining access to the email service. As well as using email for their own purposes, attackers can scour its content for other logins and passwords. This, after all, is where many sites send log-in details if users forget their passwords - sometimes including all the information directly in the message body.

Other sites go even further, sending the user an email containing the login and password immediately after he registers on the portal. To avoid the loss of confidential information, modern mail systems offer a method of two-factor authentication: in addition to the login and password, users have to enter a code sent to their phones by text message. Users should also delete any messages containing confidential information from their email account.

Social networking sites remain popular with phishers. Although they came second, their share dropped by 1.44 pp from the previous quarter.

The most noticeable growth was around online stores. This was caused first of all by increased attacks on coupon services as well as on ticket agencies. The latter saw greater phishing activity in March.

Conclusion – Spam & Phishing Report

The main goal of most malicious programs distributed via mail is to steal confidential data. However, in Q1 malware capable of spreading spam and launching DDoS attacks was also popular. The most popular types of malware are now multifunctional: they can steal data from the victim computer, make the computer part of a botnet, or download and install other malicious programs without the user's knowledge.

To bypass filtering, spammers continue to use a variety of tricks. One of the fastest-growing is creating "background noise" in messages with the help of HTML tags as well as obfuscating links in emails. The latest similar trick was to add a UTF-8 symbol to links. This symbol, when it is not placed at the beginning of the text, is interpreted as a null character. In fact, there are loads of such tricks in UTF-8 and the fraudsters make use of them every now and then.

The majority of phishing attacks targeted email accounts. Users are often lax when it comes to their email accounts: many of them use simple logins and passwords. We would like to remind users that a hacked email account can allow attackers access to all the information stored in your mailbox including other logins and passwords. It is recommended that strong passwords are used as well as two-factor authentication whenever possible.