[an error occurred while processing the directive]
RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2024/02/15 07:55:33

Spam

Spam (English spam) - sending commercial and other advertising or other types of messages to persons who did not express a desire to receive them.

The catalog of Antispam systems and projects is available on TAdviser

Content

Responsibility for spam in Russia

2024: Spam calls will be fined

A bill establishing responsibility for spam calls is being finalized. Violators, according to the proposed amendments, will have to pay up to a million rubles, on February 14, 2024, the press service of the State Duma deputy RFAnton Nemkin reported referring to the Russian newspaper.

The bill was submitted State Duma Bryansk to the regional Duma. The draft federal law provides for the assignment of responsibility for violation of the requirements established by law for, to advertizing distributed over telecommunication networks.

The authors of the bill recalled that "the law prohibits the use of telecommunication networks to distribute advertising using means of selecting or dialing a subscriber number without the participation of a person, the so-called spam."

The proposed changes offer fines for sending spam - from 10 thousand to 20 thousand rubles. Officials may face from 20 thousand to 100 thousand rubles. The fine for legal entities is from 300 thousand rubles to a million.

File:Aquote1.png
In 2023, the number of spam calls from MTS subscribers alone reached 8 billion. In fact, the average Russian faces a similar challenge at least once a day. Telephone spam is one of the tools of aggressive marketing, the purpose of which is to advertise or directly sell products or services, "Nemkin explained.
File:Aquote2.png

According to Anton Nemkin, the use of such practices by business is rather due to the unwillingness to integrate new marketing tools.

File:Aquote1.png
Often, users are "dialed" by companies that they have never provided consent to the processing of personal data. This is a consequence of the increased leakage of personal data. As a result of the database leaks, they are "sold" to interested companies that go for this for profit, although this is illegal, the deputy emphasized.
File:Aquote2.png

File:Aquote1.png
Technically, it is possible to track the spammer, but I am sure that companies will find a way to bypass such bans. Another question is that not all citizens are ready to declare this problem. Let me remind you that you can leave a complaint with the FAS about spam calls. The initiative may act as an additional deterrent, but the main cause of the problem is still data leaks, he stressed.
File:Aquote2.png

The deputy recalled that amendments to the legislation have already been made to the State Duma, which propose tightening responsibility for allowing data leaks.

2011: Russia may criminalize spam

In Russia, responsibility for spam is still limited to administrative fines, but having worn out, the spammer can also be prosecuted for computer crimes, both experts say. For illegal access to computer information, Chapter 28 of the Criminal Code provides for up to five years in prison (if the crime is committed by an organized group), and for the creation and distribution of malicious programs - up to three years. Cases under this article against spammers were started, but[1] not know about the real sentences[1]

In Russia, they can introduce criminal liability for sending spam. Those who send 1 thousand unnecessary letters to recipients within a day or 10 thousand per week face a fine of up to 1 million rubles. or correctional labor for up to a year, follows from the prepared bill. But severe punishment is unlikely to change the situation: it is almost impossible to catch a spammer. (Based on Kommersant materials)

As State Duma deputy Ilya Ponomarev said in his blog, on May 13, 2011, the State Duma working group will discuss a bill to counter the production and spread of spam, prepared by the Duma Committee on Information Policy, Information Technologies and Communications together with the Information Security and Cybercrime Commission of the Russian Association of Electronic Communications (RAEC). It involves amendments to the federal laws "On Information, Information Technologies and Information Protection," "On Communications," the Code of Administrative Offenses and the Criminal Code of the Russian Federation.

The amendments, in particular, propose the introduction of criminal liability for mass (1 thousand letters during the day or 10 thousand per week) sending spam. The violator faces either a fine of up to 1 million rubles, or compulsory work for a period of 120 to 180 hours, or correctional labor for a period of six months to a year. If the violation is committed by a group of persons by prior conspiracy or with the extraction of income on an especially large scale (more than 100 thousand rubles), they will face a fine of up to 2 million rubles. or compulsory or correctional work from 180 to 240 hours and from a year to two, respectively.

The bill states that messages of an advertising nature (in accordance with the law "On Advertising") can be sent to the recipient only with his prior consent, or if the sender is with the addressee in contractual, family, labor and other relations. The mechanism for unsubscribing should also be clear. Non-compliance with these requirements will be punished with a fine of 50 thousand to 1 million rubles. - depending on whether the sender is a physical, legal or official. Similar penalties are imposed for the production, distribution and use of computer programs that automatically collect, process and distribute email addresses. It is proposed to add the relevant articles to the Code of Administrative Offenses of the Russian Federation.

In March 2011, according to Kaspersky Lab, the share of spam in global mail traffic averaged 79.6%. The leader among the countries - sources of spam was India, from whose territory 11.42% of "junk mail" was distributed, Brazil (6.6%), Russia (4.8%), Indonesia (4.3%) and Italy (4%).

Operators say that theoretically, installing mailing filtering on the Internet is possible, but doubt its effectiveness. "Filtering is based on content, it is impossible to set up ideal protection against spam: pure letters containing information that the system can consider spam can fall into this category," says MTS press secretary Valeria Kuzmenko. At the same time, spammers can make up the mailing text in such a way that the system does not recognize it, and by blocking an ordinary letter, the operator will be responsible for incorrect performance of services, she insists. Partner of the law firm Salans Viktor Naumov agrees that, despite the correctness of the idea, the amendments overly restrict freedom of information: "Criminal liability for spam is inadequate to the danger of an act."

A law enforcement source investigating cybercrime says that indirectly criminal liability for spam already exists: since the spread of spam goes through computers infected with viruses, it can be attracted to it under articles of the Criminal Code of the Russian Federation, which provides for responsibility for illegal access to computer information and the spread of malware. But, according to him, it is almost impossible to catch a spammer or organizer of a DDoS attack: most of them use foreign servers or are themselves abroad.

2023: Government fails to back bill to block phone spam

The government found gaps in the bill to block phone spam calls. The main thing is that the analysis of voice messages passing through telephone networks contradicts the Russian constitution. According to experts, the bill offers useful solutions, but you can counteract spam calls in milder ways. This was announced on May 22, 2023 by the press service of the deputy of the State Duma of the Russian Federation Anton Nemkin.

File:Aquote1.png
Based on the above, the bill cannot be supported by the Government of the Russian Federation in the submitted version, the published message says.
File:Aquote2.png

The bill, which, according to the idea of ​ ​ the authors - members of the Just Russia - Patriots - For Truth faction - was supposed to give Russians the right to demand that mobile operators block telephone spam for free, was submitted to the State Duma at the end of 2022. If it is accepted, operators will be obliged to receive the consent of the subscriber to skip voice information messages. Mailing in violation of such norms will be considered illegal, an exception is proposed to be made only for voice messages of the operator himself or mails that are made at the initiative of the authorities. The explanatory note to the bill cited statistics from a survey by the NAFI Analytical Center, which showed that 89% of Russians received spam calls in May-June 2022, and more than half of the respondents said that such calls cause "serious inconvenience" and "severe irritation."

As Anton Nemkin, a member of the State Duma Committee on Information Policy, Information Technology and Communications, notes, telephone spam has indeed become a big problem not only in Russia, but throughout the world. Every day, subscribers are attacked by advertising bots that make automatic calls and turn on pre-recorded messages.

File:Aquote1.png
Despite the fact that most of these calls are simply rejected or interrupted in the very first seconds, this method of advertising continues to be actively used. Operators have special software that can identify such a call, that is, they can notify subscribers in advance about which company is calling. Earlier, the Ministry of Digital Development has already proposed to make such a service free for all users and automatically built-in. I believe that such an initiative can be practically saving for those whose numbers were leaked to the network and became the main target not only for advertisers, but also for scammers. However, any tool that can directly or indirectly affect the privacy of Russians must be very competently worked out. The bill proposed by colleagues looks relevant, but, as the government correctly noted, its provisions should be improved taking into account the importance of maintaining the secrecy of any calls from Russian subscribers, the deputy said.
File:Aquote2.png

File:Aquote1.png
Phone number swapping remains one of the most common ways to cheat. At the same time, most often the number from which fraudsters call does not arouse suspicion among users, and it is impossible to blame them for this - attackers improve the methods of deception daily. In full, Antifrod will work until March 2024, and according to the plan of Roskomnadzor, 2,464 Russian telecom operators will have to connect to it. This gives hope that with at least this type of telephone spam and fraud, we can solve the problem forever, "Nemkin concluded.
File:Aquote2.png

2022

The Ministry of Digital Development will introduce a mechanism to block auto-call to combat spam

The Ministry of Digital Development, Communications and Mass Media of the Russian Federation proposed to telecom operators to introduce a mechanism to block auto-call in order to combat telephone spam. The press service of the department announced this on December 15, 2022.

Autobzone is a way to dial random numbers to subscribers. The company creates its own or buys finished software, and the program already calls random numbers. At the same time, the system can make more than 300 calls. When a subscriber answers a call, they can hear a pre-recorded voice message, or the program can switch it to a person.

File:RIAN 8281543.HR.ru.jpg
The Ministry of Digital Development will introduce a mechanism for blocking auto-call

According to the Ministry of Digital Development, the blocking will affect the auto call - its telecom operator can determine using special software. By mid-December 2022, the ministry discussed the initiative with market representatives. According to companies, the innovation can become not only an obstacle to spam, but also an obstacle to fraudsters, the Ministry of Digital Development noted.

It is assumed that if technical capability allows, operators will also tell subscribers which company is calling them. The smartphone screen will reflect the caller's number and signature, for example, a medical center, bank or other institution and its name.

Technically, such services already exist by December 2022: some IT companies release similar applications. The Ministry of Digital Development offers to make the service free and built-in by default.

Earlier in 2022, the Federal Antimonopoly Service (FAS) of Russia and telecom operators launched a service with which Russians can complain about calls and spam messages. It is planned to block such advertising within three days.

The Ministry of Digital Development will introduce a limit on advertising calls for companies

The Ministry of Digital Development, Communications and Mass Media of the Russian Federation has prepared a bill on spam calls, within which companies will have a limit on advertising calls to subscribers. The head of the department Maksut Shadayev spoke about this on September 28, 2022 at a meeting with regional journalists.

According to him, if there are calls in excess of the prescribed norm, then for companies "responsibility will come." The minister did not disclose the details of the initiative. He added that the bill could be submitted to the State Duma as part of the autumn session in 2022.

The Ministry of Digital Development will introduce a limit on advertising calls for companies

Earlier in September 2022, the LDPR faction in the State Duma sent a bill to the government to increase fines for spam calls to 80 thousand rubles for performers, up to 300 thousand rubles for officials and up to 1 million rubles for legal entities.

The deputies also proposed introducing fines for the distribution of intrusive telephone advertising of financial services, subject to manipulation of data on the total cost of such a service: up to 100 thousand rubles for officials and up to 1.6 million rubles for legal entities.

The LDPR noted that complaints about telephone spam are among the most common. Most subscribers do not believe such advertising and immediately hang up, "but the very fact of intrusive commercial proposals coming in the morning, at night and at other inappropriate times causes genuine irritation of citizens," parliamentarians say.

File:Aquote1.png
At the same time, there are those who, alas, succumb. Individual citizens who find themselves in a difficult life situation, without checking the information, take loans and loans that turn out to be significantly more expensive than advertising promised. We must protect their interests, - said the LDPR on September 26, 2022.[2]
File:Aquote2.png

Creation of a unified anti-spam system in Russia

On March 21, 2022, it became known about the creation in Russia of a unified system for blocking numbers with which calls and SMS messages with spam are received. It should work by June 1, 2022. Read more here.

2021: One in five emails in Russia sent by scammers

One in five emails in Russia are sent by scammers. This was reported in mid-February 2022 by Eset, which develops antivirus software.

According to experts, from 18% to 27% of incoming e-mail in Russia in 2021 contained spam and unwanted information. The Russian Federation was in fifth place among countries in terms of the volume of spam messages received. Ahead are China, Singapore, Argentina and India.

Every fifth email to the Russian Federation is sent by scammers

According to Eset, spam is most often sent from the following countries:

  • USA (16% of all unwanted emails come from here);
  • Japan (13.3%);
  • China (9.6);
  • France (7%);
  • Poland (6.6%).

Most often, fraudsters use the topic of the coronavirus COVID-19 in letters, and cases of using the term "omicron" and other strains of coronavirus have also become more frequent. According to experts, disguising letters as an offer to receive state benefits or payments, attackers are trying to lure out personal data of users: passport and bank data, phone numbers and addresses.

According to Kaspersky Lab estimates, the average share of spam in global mail traffic in 2021 was 45.56%. At the same time, 8% of emails were phishing in nature and about the same amount were distributed with attached malicious files.

Most spam in 2021, as in 2020, came from Russia (24.77%), whose share increased by 3.5 percentage points. Germany (14.12%) added 3.15 pp and remained in second place. It is followed by the United States (10.46%) and China (8.73%), which also retained their positions.

Among the mailings with malicious attachments, most often there were Trojans of the Agensla family, stealing credentials from the browser, as well as mail and FTP clients. In second place were the Badun Trojans, distributed in archives and pretending to be electronic documents.[3]

2020

Users around the world faced a huge wave of spam

One company received about 300,000 spam emails in just one day, forcing it to disable affected accounts [4]

Scammers send spam emails to users around the world. Information security experts fear that cybercriminals are testing a new malicious tool, which is destined to become a serious threat to business and consumers in 2021.

Experts from Vade Secure have recorded a sharp increase in the number of spam emails entering user mailboxes in Italy, France, Denmark and the United States. One company received about 300,000 spam emails in just one day, forcing it to disable affected accounts and reset credentials.

The wave of spam is not easy, since emails are placed in the inbox, bypassing protection levels. Vade Security suspects that criminals are using a tool called Email Appender, which was first discovered by Gemini Advisory in October 2020 and is sold on the dark web by subscription.

Email Appender allows cybercriminals to confirm the credentials of a compromised account, configure a proxy server to avoid detecting an IP address, and create malicious emails. Using Email Appender involves a list of compromised credentials. By sorting through logins and passwords, the program tries to log in to the email server, open the victim's mailbox and add its malicious letter to it.

The tool has a user interface that allows a hacker to configure email by changing the displayed name of the sender's address and creating a response address.

The Ministry of Telecom and Mass Communications is developing a database of fraudsters and spammers in Russia

On August 21, 2020, it became known about the creation in Russia of a single database of telephone numbers of fraudsters and spammers. Oleg Ivanov, deputy head of the department, spoke about the new project of the Ministry of Telecom and Mass Communications. Read more here.

Spammers recorded a surge in activity in connection with the outbreak of coronavirus in China

Ltd Check Point Software Technologies., a provider of solutions in the field, cyber security found a spike harmful in activity related to. coronavirus

Check Point specialists discovered the vaccinecovid-19\.com website registered in Russia on February 11, 2020. The site was created by cybercriminals - its visitors are offered to buy "the best and fastest test for detecting coronavirus at a fantastic price - 19,000 rubles."

Spammers recorded a surge in activity in connection with the outbreak of coronavirus in China
File:Aquote1.png
The threat of coronavirus attracted the attention of the whole world, which could not go unnoticed by cybercriminals. They will continue to use public interest to spread spam campaigns related to the virus outbreak,
File:Aquote2.png

Check Point notes an increase in the number of fraudulent sites using the coronavirus in their domain names. Most likely, these sites will actively appear in phishing mailings, where recipients of spam emails will be asked to pay for the coronavirus vaccination or take the most accurate coronavirus test.

Spammers recorded a surge in activity in connection with the outbreak of coronavirus in China

Check Point specialists have discovered a large spam campaign in Japan. Attackers send spam on behalf of the Japanese organization for helping people with disabilities. The emails report the spread of the coronavirus in several cities in Japan, prompting the recipient to open the document. If the user is interested and opens the attachment, the Emotet Trojan will be downloaded to his computer.

According to to data the latest Global Threat Index report, Emotet is the most active harmful ON in January 2020. It affects the activities of 13% of organizations worldwide Russia , in Emotet it ranks third in terms of the to the attacks company.

Emotet is an advanced self-propagating modular Trojan. Emotet was once a common banking Trojan, but began to be used to distribute malware and campaigns. The functionality that has appeared allows you to send phishing emails containing malicious attachments or links.

2019: WhatsApp antispam can be disabled for $14. Politicians send 100,000 messages a day

In mid-May 2019, it became known that WhatsApp software tools for just $14 help Indian marketers and political activists bypass the anti-spam restrictions set by the messenger. Read more here.

2018

325% increase in phone spam to 85 billion calls

According to the company Hiya, which deals with the problems of telephone spam, such calls in 2018 were made 85 billion around the world. Compared to 2017, there was a giant surge in the activity of telephone spammers - the number of unwanted calls jumped by 325%. Hiya released such data at the end of February 2019 based on its system analyzing about 12 billion calls every month.

The most widespread telephone spam in 2018 was received in the following countries:

Most often, fraudsters call victims, posing as bank employees. For example, they inform people about the blocking of their card and display personal data necessary to withdraw money from the account. To better disguise their intentions, attackers sometimes have various information about the potential victim in advance. In addition to phone numbers "tied" to a bank card, they unmistakably also name the client's last name and first name, his passport number and other personal data. This allows you to put to sleep the vigilance of many victims.

Phone spammers lost the world in 2018

Another way of phone spam is that scammers call numbers and ask for a ransom for a kidnapped friend or family member. Previously, they also collect some information about victims, including from social networks.

In addition, the type of fraud, which was called Wangiri, is gaining popularity: the robot makes calls in the expectation that someone gullible will call back, after which they will write off the money for the international call.

Different countries have their own types of telephone scams. For example, in Italy, fake calls from representatives of energy companies are widespread, as a result of which citizens buy services that do not exist.[5]

Russia entered the top twenty countries for the spread of telephone spam

On December 18, 2018, Truecaller Insights presented a report on the prevalence of telephone spam in 2018, according to which Russia was in 18th place. The data was collected anonymously on incoming calls flagged as spam by users themselves or by Truecaller Insights' automated mechanisms, between January 1, 2018 and October 30, 2018.

During this period of time, users received 17.7 billion spam calls. Considering that the company identified a total of 74.1 billion calls, we can conclude that almost every fourth call that users receive around the world is spam.

In 2018, India gave way to the most spammed country in Brazil, where the average Truecaller user received 37.5 spam calls per month. It should be borne in mind that in Brazil the number of spam calls increased by 81% over the year. Despite this, Indian users are still suffering greatly from spam calls, their number in the market decreased slightly (by 1.5%). Unlike these countries, the United States managed to go down from second place in terms of confusion to eighth compared to 2017.

Countries with the largest spread of telephone spam at the end of 2018, Truecaller data

But despite the drop in spam calls, phone scams are still rife in the US. Every tenth adult American lost money due to a telephone scam in 2018 - on average, the lost amount is $357, that is, 24.9 million Americans were transferred to fraudsters in total $8.9 billion. In the twenty most forgotten countries were new names: Spain, Canada, Costa Rica, Poland, the Dominican Republic and Israel, where there is a significant increase in the number of spam calls. However, in Turkey, there was a decrease in spam (18%).

The analysis assessed the overall pattern of spam calls. Their main source was telephone operators, followed by telemarketing calls from financial services, debt collectors and insurance companies.[6]

2017

The source of more than 60% of all spam activity is the USA, the Russian Federation and Ukraine

By 2017 phishing attacks , the volume amounted to 30% of all malicious activity. This became known on October 2, 2019.

Security researchers from Data61 have published the results of a FinalBlacklist study that analyzed 51.6 million online malicious activity reports and 662,000 unique IP addresses worldwide. According to the researchers, in the period from 2007 to 2017, the source of more than 60% of all spam was the United States, the Russian Federation and Ukraine.

Researchers from Data61 used machine learning methods to classify the malicious activities examined in the report into six classes: malware, phishing software, fraudulent services, potentially unwanted programs, exploits and spam.

The study also showed how malicious actions are distributed across IP addresses. It turned out that one cloudy server posted in was cloud service Amazon repeatedly used by criminals with a huge number of exploits.

File:Aquote1.png
They have been used over and over again because it is a cheap resource for intruders and a convenient resource; they can move their services from one place to another without being noticed,
explained lead researcher Dali Kaafar
File:Aquote2.png

File:Aquote1.png
Over the past ten years, the volume of malicious activity has grown steadily. In fact, we studied the volume of malicious activity on a daily basis and found that the number of reports of cybercrimes and incidents increases from day to day. Starting with a couple of hundred reports a day and ending with about a million,
reported by lead researcher Dali Kaafar
File:Aquote2.png

The results of the study also showed that phishing campaigns began to appear in 2009, coinciding with the growing popularity of smartphones. By 2017, the volume of phishing attacks amounted to 30% of all malicious activity[7].

Spammers force Russians to call back to listen to ads

On August 15, information appeared that in Russia the type of spam is gaining circulation, which forces subscribers to call back to unfamiliar numbers and "voluntarily" listen to advertising messages. Noteworthy is the fact that in this case, the actions of spammers, from which, according to analysts, 65% of Russians have already suffered, do not contradict the law.

Photo: ren.tv

The method of spreading telephone spam is as follows: an automated system programmed by attackers calls subscribers on its own, each time breaking the call after the first beep. As a result, a missed call from an unknown number is displayed on the user's phone screen, which, according to the idea of ​ ​ spammers, should attract the attention of the subscriber. As soon as the user calls back at this number, the answering machine plays him an advertisement. According to analysts, most often robots impose legal and medical services.[8]

It is alleged that the Japanese began to use this scheme first (in some cases, when a person called back at a highlighted number, money was debited from his account), but now it is rapidly gaining popularity in Russia.[9]

2016: The share of spam in mail traffic rose to 58%

Share of spam in global mail traffic, 2016

According to Kaspersky Lab's annual report, the share of spam in global mail traffic in 2016 was 58.3%, which is 3 percentage points more than in 2015. The last time an increase in the share of spam in mail traffic was recorded eight years ago, in 2009, after which it steadily decreased.

The long decline was associated with the transition of small and medium-sized businesses to legal advertising platforms, but now, apparently, this process has stopped. Experts attribute the increase in the number of spam in 2016 to an increase in the number of letters with ransomware Trojans: the antivirus component was triggered in the mail of Kaspersky Lab clients almost four times more often than in 2015.

encoders Experts attribute the dominance to the availability of these programs on the black market. Today, an attacker may not be able to write code at all: due to the distribution of malware the Ransomware-as-a-Service model and the ability to rent botnets, you cybercriminals no longer need to be hackers in the traditional sense of the word.

Among other trends in spam mailings and phishing, Kaspersky Lab experts note the following:

  • The growing popularity of spam among small businesses in China. One possible explanation for this phenomenon, experts believe that many global social networks in China are prohibited, and mass mailings have become the main channel for local businessmen to enter the global market.
  • Use high-profile sports events as spam reasons, as well as create mailings for different countries with content relevant only to them. For example, residents of Russia received letters disguised as notifications from the Federal Tax Service and the Pension Fund of the Russian Federation.
  • The growth of phishing attacks on clients of financial institutions: banks, online stores, payment systems.
  • Active use by scammers of all available means of communication, such as social networks, SMS, advertising banners.

2015: Spam share in mail traffic drops to 55%

At the end of 2015, the share of spam in global mail traffic decreased by almost 12 percentage points and amounted to 55%. At the same time, the most significant drop was observed in the first months of last year: for example, if in January the indicator reached 62%, then by April it dropped to 54%. According to Kaspersky Lab experts, the general decline is due to the migration of ads for legal goods from the spam stream to other platforms, in particular social networks, coupon services, etc.

Meanwhile, a significant part of world spam was sent from Russia. As Kaspersky Lab established, in 2015 more than 6% of spam messages were sent from the country, which provided it with the second line in the list of spam source countries (the US was the leader in this indicator in 2015, of which 15% of the world's mail garbage was sent).

However, Russia not only spread, but also received spam in large quantities. In particular, the country was in the top three in terms of the number of users who encountered malicious attachments in messages. At the end of 2015, Russia accounted for more than 6% of all malicious emails sent around the world. At the same time, a year earlier, Russian users received a little more than 3% of malicious spam, and the country itself occupied the eighth line of the list.

In addition, Russia became the leader in the percentage of users who faced phishing. It accounted for almost 18% of such incidents registered by Kaspersky Lab. At the same time, in 2015, phishers showed special interest in financial institutions, in particular in banks, payment services and online stores. Attacks on such resources accounted for a third of the total number of phishing threats.

As it becomes more and more difficult for attackers to bypass spam filters, they constantly invent new tricks. For example, last year in a number of letters there were not classic URL links that are easily recognized by filters, but QR codes placed directly in the body of the letter. In addition, Latin letters and numbers in domains and IP addresses were often replaced by spammers with characters that are similar in appearance, but are taken from other alphabets and character systems. Spammers used archives of not the most popular formats -.cab,.ace,.7z,.z,.gz to hide malware attached to messages. This helped them not only to euthanize the vigilance of users familiar mainly with the common extensions.zip and.rar, but also allowed them to compress the file as much as possible and thus reduce the size of the letter.

As topics for messages, attackers traditionally used high-profile world events, both already happened and upcoming. For example, the Olympics in Brazil were held only in 2016, but already in 2015, fraudsters sent fake notifications about winning the lottery dedicated to this sports event. "Nigerian" spammers actively "worked" with political events in Ukraine, the war in Syria, the presidential elections in Nigeria and the earthquake in Nepal in order to convince the recipients of the letters of the veracity of the stories they invented.

2014

Proofpoint: Spam levels down 56%

According to Proofpoint, in 2014, the daily level of spam decreased by 56%, but in the second half of the year the number of malicious links contained in unwanted correspondence increased. Experts explain the decline in spam by the elimination of the Gameover Zeus and Kelihos botnets in June and September 2014. Note that in 2013, when botnets were active, the level of spam emails increased by 16%.

The number of emails containing malicious links increased by an average of 10%, with the highest figure reaching 40%. The number of malicious messages increased towards the end of 2013. This is due to the activity of botnets like Dridex.

Experts noted that despite the reduction in spam, attackers still use malicious emails as the main vector of attack on organizations.

Now is the time for security teams and company executives to actively explore cybersecurity strategies, the researchers said. Experts strongly recommend deploying advanced security technologies.

USA is the leader in sending spam

On March 16, 2015, Kaspersky Lab (Kaspersky) reported the results of a study of the spam industry, the intensity of spam mailings and the position of participation of subjects of geopolitics in these processes: Russia ranks second in the ranking of spam source countries and first among the countries most often attacked[10] phishers[10].

In 2014, the share of spam in global mail traffic decreased to 66.8%, down almost three percentage points from 2013. Among the countries that source spam, as before, they are in the lead USA (16.7%), followed by a significant margin (Russia 6%). American users were also more likely than others to encounter malicious attachments to unwanted correspondence, Russia and the largest number of anti-phishing system triggers was registered, "" said in its report.Kaspersky Kaspersky

In 2014, attackers exploited high-profile events: celebrity deaths, military operations and international sporting events. In 2014, spammers began to offer more often advertising delivery services via SMS and popular Internet messengers (WhatsApp, Viber and others). Customers of such services are looking for using traditional spam mailings and the number of such advertisements is increasing.

Among malicious attachments, there was most often a phishing html page with a form for entering confidential data, which was then sent to attackers. In second place is the Bagle worm, which collects the victim's mail contacts and sends itself over them, followed by the Redirector Trojan, which redirects the user to a fraudulent site. At the same time, the largest share of mail antivirus positives was registered in the United States (9.8%), followed by the United Kingdom (9.6%) and Germany (9.2%).

Russia is the leader in the ranking of countries most often attacked by phishers (17.28%) - over the year its share has increased by six percentage points. At the same time, the leader of last year - the United States (7.2%), lost almost 24 percentage points and shifted to second place. In 42.6% of attack events, scammers covered up with the names of Internet portals, which differs from the situation in 2013, when the names of social networks were most often used.

2013: The rise of fraudulent and malicious messages

The number of legal advertising of goods and services in spam decreased in 2013, while the number of fraudulent and malicious messages, as well as the so-called "gray" mailings, increased, Kaspersky Lab said in a statement.

So, earlier the spam category of travel and recreation accounted for 5-10% of the total flow of unwanted correspondence and consisted entirely of various advertising offers. In 2013, commercial advertising of tours and tickets was rarely found, but Kaspersky Lab experts recorded a large number of malicious emails that exploit the topic of tourism. Various fakes under the notice of a booked room at a hotel, tour, cruise or plane ticket contained attachments with malware.

In addition, letters were discovered with the help of which fraudsters tried to "launder" money from stolen bank cards. In messages of this kind, they turned to hotel employees with a request to withdraw money from the card for allegedly booked accommodation and assist in transferring a certain amount to a non-existent travel agent. As a result, the attackers had all the funds.

According to the company, 2013 was also the year of super-short spam emails. The vast majority of spam detected by Kaspersky Lab in 12 months - 74.5% - "weighed" no more than 1 KB. Such "minimalism" allows spammers to send more messages with lower traffic costs, and in addition, it makes it possible to create unique short phrases and change them from letter to letter, which complicates the work of spam filters, experts say.

2012: Reduction in the share of spam to 72%

2012 brought major changes to the spam industry. One of the features of the last 12 months was the longest decrease in the share of unwanted mailings recorded by Kaspersky Lab experts, which decreased by 8 percentage points over the reporting period. In general, according to the results of 2012, this figure in different postal systems amounted to 72%.

However, despite this, spam is still dangerous. The share of emails with malicious attachments decreased slightly and amounted to 3.4%, which is a large value. In addition, these figures do not take into account messages containing links to malicious sites. Most often, in the attached files, attackers posted malware created to steal user logins and passwords from various accounts on the Web.

The geography of the distribution of mail spam has also changed. Most of it is sent from the Asian region, whose leadership is secured mainly at the expense of China, which has significantly strengthened its position. In turn, overseas, thanks to increased spam traffic from the United States, South and North America have practically changed positions. At the same time, Europe is gradually losing ground. Russia in the ranking of spam spreading states has risen one step up and now ranks 8th. True, the share of our country decreased by almost one and a half times to 2.0%.

In turn, Post experts Mail.Ru noted that the very concept of spam has changed today: thanks to filters and analytics, the number of malicious and junk emails from spam mailers in the mail tends to zero, so users often complain about completely legal mailings and attribute them to spam.

2011

Russia No. 3 in the world in terms of outgoing spam

On August 29, 2011, the corporation Symantec published the Symantec Intelligence Report for August 2011. The study combined the results of the Symantec.cloud Message Labs Intelligence Report and data from phishing the Symantec State of Spam & Phishing Report. According to the report, Russia To Europe ranked first in and third in the world in terms of outgoing spam, losing in the world championship and. India In Brazil more than 90% of cases, spam sent worldwide is English-language. In August, the Russian language became the second most popular among spammers in the world.

Analysts for this month also showed that spammers again decided to make money from fluctuations in volatile financial markets. This is especially noticeable in sending out large volumes of spam, which convinces potential victims to purchase small shares at a bargain price. After such a "pump" ("pump"), shares are "dump" ("dump") at an inflated price, and attackers make a profit. Such fraudulent technology is called "pump-and-dump."

Such a flurry of spam emails can cause an artificial jump in stock prices. Usually it is at this moment that scammers get rid of their packages, and the spam attack ends, which in turn helps to reduce interest in shares on the exchange and their return to the initially low price (which can also be used in the market).

In addition, Symantec experts found that in the first seven months of 2011, there were as many new viruses infecting the boot sector of the hard drive (MBR - Master Boot Record) as in the previous three years. An MBR sector is an area on a hard disk (usually the first sector) used by a computer to prepare for operation. This sector is read first of all, and the read data is interpreted by the computer equipment immediately after turning on, even before the operating system boots.

According to the report, the volume of spam has decreased compared to the previous month, but the volume of phishing attacks is growing. Attacks related to the names of well-known brands, for example, attacks with a link to the Apple iDisk service, as well as to various companies and services from Brazil, including social networks and well-known financial institutions, made a great contribution to this growth.

Other excerpts from the report:

  • Spam: In August 2011, the global share of spam in global email traffic decreased to 75.9% (1 in 1.32 emails); 1.9% less than July 2011
  • Phishing: Phishing attacks increased by 0.01 percentage points in August compared to July 2011; one of 319.3 emails (0.313%) contained some kind of phishing attack. The largest source of phishing is the United States, 49.8% of attacks occur from there. Russia ranked third among European countries in the number of outgoing phishing attacks.
  • Viruses: The share of mail viruses in email traffic in August was one virus per 203.3 letters (0.49%), corresponding to a 0.14% increase from July 2011.
  • Web Security: In August, Symantec Intelligence detected an average of 3 "441 virus-spreading websites and other unwanted software, including spyware and adware, every day. Compared to July 2011, the number of such sites decreased by 49.4%.
  • Threats to end devices: The most frequently blocked malicious August program targeting end devices is the W32.Ramnit! html worm. It is carried through removable drives and by infecting executable files. This worm is distributed by encryption and appending to files with the extensions.DLL,.EXE and.HTM. The visibility of the Ramnit worm accounted for 15.8% of all malware blocked using client machine protection technologies in August.

Regional trends:

  • Russia has become the European leader in the number of sent spam - the share of spam of Russian origin in the global amounted to 6.5%
  • Saudi Arabia suffers the most from spam in the world: 84.8% of electronic messages received in the country are spam.
  • Russia (81.1%) lost the second place in the world in the amount of received spam to China (81.6%), the third place was taken Italy (81.3%).
  • She became the world champion in phishing in August: Sweden one out of every 45.3 emails received in the country was phishing.
  • In Sweden, malicious content contains one letter out of 53.2, which also makes the country the leader in the number of viruses in email.
  • Luxembourg ranked second among countries most affected by mail viruses in August - one for every 85.1 emails contained harmful content
  • In the UK, one in every 86.5 letters was blocked as infected.

Vertical trends:

  • The largest victim of spam attacks among different sectors of the economy was the automotive industry - the share of spam in mail traffic was 79.0%.
  • The volume of spam in the education sector reached 78.9%, in the chemical and pharmaceutical industries - 75.5%; in IT services - 75.7%, in retail trade - 75.7%, in the public sector - 75.4%, in the financial industry - 75.3%.
  • The public sector became the main target of phishing attacks in August: one letter for every 24.8 was phishing.
  • In the chemical and pharmaceutical industry, one letter out of 720.3 is phishing, in the IT services sector one out of 446.0; in retail - one out of 410.5, in education - one out of 94.4, and in finance - one out of 220.7 letters.
  • The public sector also leads in the number of virus attacks: one out of every 24.0 emails is blocked as malicious.
  • In the chemical and pharmaceutical industries, one letter for 334.6 turned out to be malicious, in the IT services sector one for 345.3; in retail - one by 374.6, in education - odino by 94.0, and in the financial sector - one by 383.0.

Share of spam in mail traffic 80%

Kaspersky Lab said that in April 2011, the share of spam from Russia in the total volume of mail traffic decreased. Although globally, the number of junk emails rose 1.2% to 80.8%. Back in January 2011, Russian spammers ranked second in the ranking of mass mailing sources, second only to India. In April, the second and third places went to Brazil and South Korea, respectively.

Among the topics of mailings were the earthquake in Japan and the war in Libya. At the same time, these tragedies were most often mentioned in letters calling for financial assistance. Scammers also sent messages about winning the Easter lottery, offering users various weekend travel and a wide range of delicacies for the holiday. However, experts noted that there were no malicious Easter mailings. But the topic of the wedding of Prince William and Kate Middleton was not widely used in spam mailings.

2010

The volume of spam in the UK rose by 99%

According to Cisco, in 2010, for the first time in the history of the Internet, the total volume of spam in networks decreased. This was stated in the company's Annual Report on Information Security for 2010, published on January 20, 2011. However, during 2010, the volume of spam continued to increase in developed countries where broadband connections are distributed (in particular, we are talking about France, Germany and the United Kingdom). So, in the UK, the volume of spam in 2010 increased by almost 99 percent. But in Brazil, China and Turkey, which until recently were listed as leaders in this part, the volume of spam in 2010 fell noticeably. For example, in Turkey, the volume of spam for the year decreased by 87 percent. This was largely due to the successful fight against the most dangerous botnets like Waledac and Pushdo/Cutwail, which was conducted by Thorsten Holz, a researcher at the University of Ruhr, and also due to the fact that Internet providers began to limit the spread of malicious messages transmitted by email over broadband networks. In addition, government agencies began to take the problem of spam more seriously and punish the most notorious attackers.

Spam is easy to recognize for cybercriminals' mistakes

According to experts from the G DATA Software security laboratory, Internet attackers who send spam with dangerous links are often given stylistic, grammatical and punctuation errors, by which the user can easily recognize fraudulent messages.

As noted in December 2010 in G Data Software, it is difficult for non-specialists to compile and send messages in different languages ​ ​ without a single error, because to send phishing to attackers from different countries, it is necessary to contact the addressee in his native language. But since not all fraudsters are polyglots, they have to resort to the help of automatic online translators in order to "localize" spam. That is why some assumptions are illogical and sound like "tracing paper" from the original language. If the criminals do not make any mistakes, such attacks are called "complex," the company said.[11]

In addition to grammatical errors, cyber fraudsters often make mistakes in the text that easily betray the nature of the message. As you know, most of the spam messages are addressed to users from "banks." In particular, fraudsters often send letters to potential victims about the need to update the account security system or confirm personal data.

Thus, if the user pays attention to such errors, then he becomes less susceptible to computer attacks from lovers of easy money, emphasized in G Data Software. Specialists from the G Data Software laboratory also advise users to perform the following actions when receiving a message from strangers: in the absence of a PayPal/Yandex account. Money "/WebMoney/" Деньги@Mail.ru, "etc. Should not open messages about the account status or possible threats to the service; the recipient of the letter first of all needs to ventilate the sender's email address, since it is unlikely that a bank employee will have a similar address - lilly @ free_email_provider; it is important to know if the letter is addressed personally to the user - for example, greetings like "Dear bill_jones" indicate spam, because this is just a copy from the user's email address before @; a large number of errors in an official letter from the "bank" also indicate fraud; before clicking on a hyperlink, the user must first point the mouse at the link in order to recognize it - a bank with a site at jgepi.h429.any_domain/login is unlikely to have lasted long on the market; the addressee of the spam letter should not pay attention to the need to make electronic transfers over the Internet; do not click on the "unsubscribe" link in such letters - this option only confirms the address as active, after which the user runs the risk of receiving even more letters from unknown banks.

Share of spam in mail traffic 84%

As Kaspersky Kaspersky reported, in the second quarter of 2010, the share of spam in mail traffic averaged 84.4%, links to phishing sites were contained in 0.02% of all emails, graphic attachments were in 10.3% of spam emails, the United States, India and Vietnam were among the top three countries - spam sources.

Share of Spam in Mail Traffic, Q2 2010

File:spam b3cf4.png

The 30 percent drop in the share of spam during the fourth quarter, as expected, was replaced by an increase in the activity of spam distributors. At the beginning of January 2011, the level of spam increased by 45 percent. The average number of unwanted emails in the fourth quarter of 2010 was 83% of all emails sent worldwide, down 5% from the third quarter. The activity of "zombified" machines was on average 15 percent less than in the previous 3 months.

  • The average daily number of spam\phishing messages in Q4 amounted to 142 billion letters (Q3 - 198 billion letters).
  • 288 thousand "zombified" machines showed activity daily (339 thousand in the 3rd quarter).
  • 42% of the total volume of spam is medical spam.
  • For the fifth quarter in a row, porn sites contain the largest number of malware.
  • India retains its title as the country sending the most spam.
  • Streaming media and downloads still make up the largest portion of user-generated content (Web 2.0).
  • In the 4th quarter, owners of spam networks began to combine old methods with new ones in order to increase the profitability of their activities (spam, phishing and malware):
    • Twitter activities in and in the service cache are propagated; Google
    • came-back use of ASCII in spreading spam.

1986-1996

For unsolicited advertising on the network, the word "spam" was entrenched in 1986 thanks to the first ever online commercial newsletter about the financial pyramid under the general heading "earn a lot of money," which appeared in the Internet harbinger - the USENET[12].

The idea did not take root and caused nothing but irritation. Perhaps the first commercial recourse to this strategy was the 1996 Lawrence Kanter and Martha Siegel USENET newsletter, which offered legal assistance in green card design. Later, the authors of the mailing list, hated by network users, boasted of profit - thanks to spam, they managed to earn 100 thousand dollars. Based on good experience, they even wrote the How to Make a FORTUNE on the Information Superhighway: Everyone's Guerrilla Guide to Marketing on the Internet and Other On-Line Services business textbook. The book can still be bought today on Amazon.

And two years later, the first meaningless mailing appeared in the same USERNET, spam without the goal of taking money from the population. It is sometimes called one of the first great mysteries of the network. In 1996, a message began to appear in USERNET user communities, usually entitled or starting with the words Markovian Parallax Denigrate. USERNET consisted mainly of cybernetics, programmers and other specialists, but even they could neither read the encrypted message (if it was a message) nor find any logic in it.

The message looked like this:

jitterbugging McKinley Abe break Newtonian inferring caw update Cohen air collaborate rue sportswriting rococo invocate tousle shadflower Debby Stirling pathogenesis escritoire adventitious novo ITT most chairperson Dwight Hertzog different pinpoint dunk McKinley pendant firelight Uranus episodic medicine ditty craggy flogging variac brotherhood Webb impromptu file countenance inheritance cohesion refrigerate morphine napkin inland Janeiro nameable yearbook hark

Meat Manufacturer † SPAM

There was no special word for such mailings for a long time to appear, they had to come together: a historical curiosity, comedians from Monthly Python and a proto-internet.

The curiosity was provided by the company - the manufacturer of meat - SPAM, the official supplier of the British army during the war and a member of the Lend-Lease. After the war, the company was left with huge surplus coronavirus, which now did not have to be sent anywhere. To get rid of them, an aggressive advertising campaign was launched: the letters SPAM were everywhere, in shop windows and in public, and transport so tired that the comedians from Monthly Python shot a sketch about them, and the word became a household name for obsessive advertising.

1864: The first unsophisticated spam mailing

It is generally accepted that Western Union subscribers received the first inappropriate spam mailing in 1864 after the company allowed messages to be sent to large lists of addresses. The opportunity was instantly taken advantage of by the dental clinic, and unsolicited advertising flew on telegraph wires.

SMS spam

Main article: SMS-spam

Famous spammers

Antispam technology

Main article: Antispam technology

Notes