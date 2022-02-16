From promising "easy and stable" investment plans to "free" online streaming of big-ticket movies even before they released, cyber-fraudsters upped their game considerably in 2021. As per a report by cybersecurity services and solutions company Kaspersky, more than 45 percent of all emails sent globally in 2021 were spam, while Brazil, France and Portugal had the highest shares of users falling for phishing scams, at 12.39 percent, 12.21 percent and 11.4 percent, respectively. The report said 7.29 percent of global users attacked were from India.

Country Share of attacked users Brazil 12.39% France 12.21% Portugal 11.40% Mongolia 10.98% Réunion 10.97% Brunei 10.89% Madagascar 10.87% Andorra 10.79% Australia 10.74% Ecuador 10.73%

Spam are massive or targeted email distributions, promoting products and services to lure the unsuspecting. Phishing often takes the form of a spam email paired with a malicious copy of a legitimate website.

"While not being too complex technology-wise, spam and phishing attacks are often based on sophisticated social engineering techniques. That is why such attacks are considered quite dangerous for an unprepared user," Kaspersky said in its 'Spam and Phishing in 2021' report.

The most innovative method that scammers came up with last year was offering free online streaming of highly anticipated movies, including the James Bond movie 'No Time To Die' and Marvel's latest superhero movie 'Spider-Man: No Way Home'.

Websites offering free streaming popped up before the movies even released and continued to appear till the eve of the premiere. (Image: Kaspersky)

The report said websites offering free streaming of these films appeared online shortly ahead of the actual release date, continuing to pop up until the eve of the official premiere. Anyone clicking on these links was taken to a streaming website, where the promised free stream would be interrupted, with visitors being shown just a snippet of a trailer or a TV spot already released. They would then be asked to register and pay a nominal fee, which was just a ploy to gain access to the users' banking details.

The report stated that fraudsters took advantage of restrictions and requirements forced by the ongoing COVID-19 pandemic to launch sophisticated attacks on their targets.

In fact, fraudsters stooped as low as to offer fake COVID vaccination passes and QR codes--for a fee, of course. The consequence in most such cases was that, while the anonymous fraudsters got away with it--and their victims' money--the intended targets, if caught with such fake passes, faced criminal charges.

Further, the study reported a widely used method was to send emails with attached HTML files, mostly titled "COVID test result", which, if clicked, would take the user to a scam website where they were prompted to enter the username and password for their email account.

This message was disguised as one sent by the UK's National Health Service. (Image: Kaspersky)

Further, fraudsters designed phishing attacks to lure the unsuspecting to register themselves for a free COVID-19 vaccine dose. In one instance, per the report, several users received an email purportedly from the UK's National Health Service (NHS), prompting them to register for the vaccine.

The link in the email took the user to a fake website where they were required to fill in their personal data, including bank details.

A month-wise breakup of spam share in email traffic last year. (Image: Kaspersky)

In 2021, personal investments gained significant relevance with banks and other financial organisations promoting schemes.

Cybercriminals cashed in on the trend by floating attractive but fake investment schemes or bonds, often using the names of successful individuals and well-known companies to attract attention and gain trust of investors. Another popular bait was investment in cryptocurrencies.

“Widely discussed topics such as money, movie premieres and worldwide events like the pandemic have always been the 'bread and butter' for scammers. We keep seeing these trends return year after year, and it doesn’t look like criminals will stop anytime soon. This is mostly because these scams prove very efficient as people continue to trust too much of what they see in their inboxes and browsers," said Tatyana Sherbakova, a security expert at Kaspersky.

Sources of spam by country. (Image: Kaspersky)

According to the report, just as in 2020, most spam came from Russia, whose share increased 3.5 points to 24.77 percent. Germany remained in second place with a 14.12 percent share, followed by the United States (10.46 percent) and China (8.73 percent).

Company detection data shows that October 2021 accounted for the highest malicious mail attachments, with Kaspersky claiming that it blocked more than 15 million such emails.

October accounted for the highest number of spam emails. (Image: Kaspersky)

As per Kaspersky's report, "Agensla" Trojan horses--which steal login credentials stored in browsers as well as credentials from e-mail and FTP (file transfer protocol clients--were the most frequently encountered, at 8.67 percent. Baldun Trojans--disguised as electronic documents--followed at 6.31 percent. The Taskun family of Trojans--which create malicious tasks in Windows--accounted for 3.95 percent, the report added.

Trojan horses detected in 2021. (Image: Kaspersky)

With 2021 being another pandemic year, the demand for online shopping remained high. Consequently, 16.61 percent phishing pages were designed to mimic online stores, closely followed by popular websites (17.27 percent) and payment systems (13.11 percent). Banks (11.11 percent) and social networks (6.34 percent) occupied the fourth and fifth positions, respectively.

In conclusion, the report said, "key trends in phishing attacks and scams are likely to continue into the coming year ... Given remote and hybrid working arrangements are here to stay, the demand for corporate accounts on various platforms is unlikely to wane."

How to avoid falling into such traps:

Only open emails and click links from trusted senders

When a sender appears legitimate but the content of the message is suspect, always contact the sender through an alternative communication channel

Closely check the spelling of a website’s URL if you have a suspicion that it could be a phishing page--the URL may contain differences that are tricky to spot at first glance, such as a 1 instead of I, or 0 instead of O