Over 3 million online infections detected in PH from April to June

From April to June 2017, Kaspersky Lab products detected 3,174,077 malware incidents on the computers of Kaspersky Security Network (KSN) participants in the Philippines.

Kaspersky Lab_Spam Report Q2 2017

Overall, 19.2% Filipino users were attacked by Web-borne or online threats during this period on average. Attacks via browsers are the primary method for disseminating malicious programs, the Internet security firm said.

In terms of local infections, or spreading malware via removable USB drives, CDs and DVDs, and other “offline” methods, Kaspersky Lab products detected 12,153,355 incidents in the Philippines for the second quarter of the year.

Overall, over half of users (56.0%) in the country were attacked by local threats during this period on average.

KSN is a distributed infrastructure that processes depersonalized cybersecurity-related data streams from millions of voluntary Kaspersky Lab product users around the world.

The statistics in the report (except for spam) are based on anonymous data obtained from Kaspersky Lab products installed on users’ computers in Philippines and was acquired with the consent of the users involved.

The company said in its “Spam and phishing in Q2 2017” report that cybercriminals involved in spam distribution tried to capitalize on public fears when the WannaCry ransomware epidemic struck in May.

Knowing that there are lots of people were infected with the ransomware and searching for ways to get their encrypted data back, fraudsters sent out spam and phishing emails, offering users different services to fight against the epidemics.

The WannaCry ransomware attack affected more than 200,000 computers across the globe, resulting in massive panic, and spammers instantly capitalized on the opportunity. Researchers detected a large amount of messages offering services such as protection from WannaCry attacks, data recovery, and, moreover, educational workshops and courses for users.

In addition, spammers successfully implemented a traditional scheme of fraudulent offers to install software updates on affected computers. However, links were redirecting users to phishing pages, where the personal data of victims would have been stolen.

One of the main trends in the past three months is the number of mass mailings targeted at corporate networks. Based on Kaspersky Lab research, these have expanded since the beginning of the year.

Spammers began to widely disguise malicious mailings as corporate dialogues, by using the identities of corporate mail services, including real signatures, logos and even banking information. In archives attached to the email, cybercriminals sent out exploit packages targeted at stealing FTP, email and other passwords.

Kaspersky Lab said most attacks on the corporate sector have financial goals.

In addition, in the second quarter of the year researchers detected a growth in number of mass mailings with malicious Trojans, sent on behalf of international delivery services. Spammers were sending shipping reports with information about non-existent parcel deliveries.

With the aim to infect computers or to steal personal credentials, criminals were found spreading download links with malware, including the banking Trojan Emotet, which was first detected back in 2014. Overall, the volume of malicious mass mailings have increased by 17%, according to the new Kaspersky Lab report.

“During the second quarter of the year, we have seen that the main trends in spam and phishing attacks have continued to grow. The use of WannaCry in mass mailings proves that cybercriminals are very attentive and reactive to international events. Moreover, cybercriminals have started to focus more on the B2B sector, seeing it as lucrative. We expect this tendency will continue to grow, and the overall amount of corporate attacks and their variety will expand,” said Darya Gudkova, spam analyst expert at Kaspersky Lab.

Comment on this post