The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1
Latest posting
By rating
By popularity

07 Nov Gaddafi’s death in spam Maria

13 Sep New spam sources in the making Maria

07 Sep SQL for dummies Natalia Zablotskaya

24 Mar Lab Matters - The State of Spam Ryan Naraine

21 Dec The 12 scams of Christmas David

15 Nov Phishing on the rise Aleks

Join our blog

You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.


“Nigerian” spammers are extremely quick to react to the world’s hottest news stories. News of the death of former Libyan leader Muammar Gaddafi had barely even broken before a string of emails from the “relatives of the deceased” began to appear.

Gaddafi’s inconsolable relatives would be amazed if they knew how many emails had been sent in their name to Internet users around the world.

Instead of joining in the funeral rites, it looks like Gaddaffi’s sons and daughters, or his wife, his brothers or even friends, have rushed straight to their PCs to write to people all over the world asking for help in spiriting uncountable millions of dollars out of the country.

According to the “Nigerians”, the family of the Libyan leader is worth hundreds of millions of dollars. The emails which fell into my hands cited a minimum figure of $300 million.

Most of these emails purport to come from “Gaddafi’s wife”. The spammers seem to think their heart-rending stories about her hard life in her husband’s family could explain her sudden desire to share his money with her close friends. Or even with distant strangers, depending on the recipient of the email.

She’s not alone, though: an unlikely coalition of “opposition forces”, “lawyers” and “bank clerks who have access to Gaddafi’s accounts” also share the general desire to transfer the Colonel’s money abroad.

“Nigerian” spam is, of course, pure fraud. None of Gaddafi’s wives or even his lawyers will ever send emails to someone they do not know asking for help in getting millions of dollars out of the country and offering an unknown agent the commission for doing so. If a user takes the bait the fraudsters will extort money from him to allegedly cover different “expenses” until no more money is left. One should be realistic about the many offers received via the Internet from an unverified source calling himself Colonel Gaddafi’s son (ALL OF A SUDDEN!).

Below are the screenshots of several “Nigerian letters” sent on behalf of Gaddafi’s family:

Comment      Link

Spam Test|New spam sources in the making

Posted September 13, 07:14  GMT
Tags: Spam Statistics

After the Pushdo/Cutwail, Bredolab and Rustock botnets were taken offline, the geography of spam sources underwent some major changes. In particular, from September 2010 the US, for a long time the leading spam distributor, began to lose ground. For several months now it hasn’t even made it into the Top 10 leading sources of spam and only occasionally appears at the bottom of the Top 20.

The US and some European countries have been replaced by Asian and Latin American countries. The cybercriminals have clearly established new bases for distributing spam with eight of July’s top 10 spam sources located in Asia and Latin America.

Sources of spam in July 2011

Spam Test|SQL for dummies

Natalia Zablotskaya
Kaspersky Lab Expert
Posted September 07, 10:53  GMT
Tags: Spammer techniques, Spam Statistics

In their attempts to bypass e-mail filtering systems and deliver their information to users, spammers often resort to all sorts of tricks. Although really new tricks (such as distributing mp3 files with voice-generated messages) are relatively uncommon, sometimes they do come up.

Kaspersky Lab analysts have recently come across a few curious samples. While masking text with noise is nothing out of the ordinary, the links were arranged in a rather unusual way.

The trick itself turned out to be rather simple and has been relatively harmless so far: a URL in the message is a request to a website that is vulnerable to SQL injection. The code yields one string, which is a spam link (in this case, a typical pharmacy ad). This is where the browser is redirected – naturally, if the original site allows such code to be executed.

Some instances we encountered during a week of observations demonstrate that following a large-scale SQL-attack LizaMoon many website owners took relevant security measures and finding suitable “donors” on a mass scale was not at all that simple.

Comment      Link

Webcasts|Lab Matters - The State of Spam

Ryan Naraine
Kaspersky Lab Expert
Posted March 24, 14:33  GMT
Tags: Botnets, Spam Statistics, Spam and the law

The end of 2010 was a rather bad time to be a spammer. Thanks to an industry-wide effort that included botnet takedowns and legal cases, we saw a dramatic shift in the way spammers used unsolicited e-mail to make money. In this Lab Matters webcast, Kaspersky Lab senior spam analyst Maria Namestnikova looks closely at the pharmaceutical spam operations and discusses how spammers are using affiliate programs and rebuilt botnets to recover from last year’s crackdown.

Comment      Link

Opinions|The 12 scams of Christmas

Kaspersky Lab Expert
Posted December 21, 17:58  GMT
Tags: Spam Statistics

My colleague Tanya has just posted over on our Russian site about losses caused by Internet fraudsters in England and Wales. If you want to practice your Russian, hop over there, and take a look!

Even though we're a Russian company, we know that most people in the UK (including me!) prefer to get their news in English. So here's a few facts and figures:

In a recent statement, the Office of Fair Trading estimated that losses caused by Internet fraud amounted to £14 billion per year. That's a lot of money! It's also a lot of victims!

The OFT statement quotes research carried out by the University of Portsmouth, commissioned by ACPO (Association of Chief Police Officers) and NRA (National Fraud Authority):

  • 70,000 people fell victim to a single Nigerian e-mail scam
  • 38,000 people a year fall victim to fake prize draws
  • 10,000 people a year fall victim to investments scams
  • 14,000 people a year fall victim to fake lotteries

The report indicates that many people are reluctant to report fraud of this kind - because they're ashamed, embarrassed, angry or simply confused.

The first thing to remember is that you should be very, very wary of 'get-rich-quick' schemes: if something looks too good to be true, it almost certainly is! Please don't hand over money to complete strangers and avoid disclosing any personal information unless you know eactly who you're dealing with. The NRA gives a helpful list of the '12 scams of Christmas' so if you're in any doubt, check this list out.

If you do fall victim to an Internet scam, please do report it - you can do that here. Nobody's going to judge you - on the contrary, the more reports are made, the better we can quantify the threat! Remember, we can't begin to really manage the problem of Internet fraud and cybercrime unless we can measure it effectively.

Comment      Link

News|Phishing on the rise

Kaspersky Lab Expert
Posted November 15, 15:45  GMT
Tags: Electronic Payments, Spam Statistics

Over the past week we saw more and more phishing emails every day. A major European ISP told us that within 24 hours they scanned 16 million messages and 268,000 were phisihng scams. And this wasn't one scam - there were many different messages targeting companies including Citibank, US Bank, EBay, Pay Pal and Sun Trust.

Possibly, the recent outbreaks by Bagle.at and Bagle.au supported this flood, since these Bagles created new bot networks for spammer use.

On the other hand, the computer underground may be taking revenge for the successful arrests of fellow cyber criminals over the past several months around the globe.

We are monitoring the situation, but do caution users to be extra careful about anwering emails from financial institutions.

Comment      Link