Share this article on:
There has been a downward trend in the volume of spam email being sent in recent years. Spam email volume has fallen from between 65% and 71% of total email traffic in 2014 to between 52% and 59% in 2016*; however, while total volume is down, malicious spam email volume is increasing. The latest figures from Proofpoint show a sharp rise in malicious spam email during quarter 2 of 2016. Malicious email volume increased by 230% quarter over quarter.
Locky Ransomware is Now the Biggest Email-Borne Threat
New ransomware is also being developed at an alarming pace. Since December 2015, ransomware variants have increased between 5 and 6 fold according to the latest quarterly threat report from Proofpoint.
While vast quantities of spam emails are still being sent out at random, highly personalized campaigns are becoming much more common. Previously these tailored spam email campaigns have involved far lower volumes of emails. Now those campaigns involve tens of thousands of email messages.
There was a brief hiatus in Locky spam email campaigns towards the end of May/Start of June; however, activity resumed on June 19 and large campaigns are being conducted once again. Earlier this year, Locky and Dridex were being sent out in spamming campaigns involving hundreds of millions of messages every day. Activity has not resumed at the same levels although malicious spam volume is increasing dramatically.
Exploit Kit Activity is on the Increase
Exploit kit activity fell dramatically between April and June. By the middle of June, Angler EK activity had all but stopped. In Q1, Angler was the main exploit kit being used for drive-by downloads. Magnitude EK activity similarly stopped. By the middle of June, EK activity dropped to 96% of pre-April levels. However, Since the middle of June EK activity has increased. Attackers have switched to the Neutrino EK to deliver ransomware and malware. CryptXXX ransomware now dominates the EK landscape.
Proofpoint has also tracked phishing campaigns and reports an increase of 150% in social media phishing attempts during the first six months of 2016, compared to the same period in 2015. BEC attacks on organizations have similarly increased. Proofpoint reported that 80% of its customers had received at least one targeted BEC message in the last 30 days. BEC attacks are also evolving and are now being sent to larger groups of individuals in targeted organizations.
Proofpoint reports that mobile devices are increasingly being attacked by cybercriminals via exploit kits. Proofpoint reports as many as 10 million Android devices were infected with malware during Q2, 2016. Malware is being used to push advertising and install fake apps on devices. In the main, attacks are occurring on devices running Android v5.1 or earlier.
*Statista – Global spam volume as a percentage of total email traffic