A quarter (24.77%) of all spam emails sent in 2021 originated from Russia, with more than half (56%) of all emails being spam messages.
That's according to Kaspersky’s latest Annual Spam and Phishing Report, which analysed close to 150 million malicious email attachments blocked by the cyber security provider’s antivirus over the course of last year.
Kaspersky identified 10 countries that were responsible for sending out more than three quarters of the world’s spam emails, with Russia and Germany (14.12%) being the most prolific senders.
The US and China came in third and fourth place, at 10.46% and 8.73% respectively. The Netherlands (4.75%) came in fifth place, followed by France (3.57%), Spain (3%) and Brazil (2.41%), Japan (2.36%), and Poland (1.66%).
When compared to 2020, Russia and China had the most significant rise in sent spam – a 3.5% and 2.5% increase, respectively.
Brazil-based users were most often targeted by phishing attacks, with 12.4% of 2021’s victims being based in the South American country, followed by French, Portuguese, and Mongolian users.
When it came to content, 2021’s spam emails mostly centred around popular topics including money and investment, Bond and Spider-Man movie premieres, and the pandemic, which Tatyana Shcherbakova, security expert at Kaspersky, described as “bread and butter for scammers”.
The most notable COVID-related scams included fictitious financial support schemes and fake COVID vaccination passes and QR codes, Kaspersky found.
RELATED RESOURCE
The best defence against ransomware
How ransomware is evolving and how to defend against it
“These scams prove to be very efficient as people continue to trust too much of what they see in their inboxes and browsers. We believe it is important to be aware that there are a lot of offers out there that seem “too good to be true”,” she said, calling on people “to be cautious when it comes to trusting what’s in their email”.
“This approach may help them save their private data and money,” Shcherbakova added.
Kaspersky’s findings come weeks after Microsoft issued a warning about hackers targeting Microsoft 365 users with a fake app capable of stealing OAuth authentication tokens, providing them full access to the victim's email, calendar, and contacts.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Busting nine myths about file-based threatsWhitepaper Distinguish the difference between fact and fiction when it comes to preventing file-based threats
-
C-suites consider quantum a serious threat and "amazing" deepfake attacks are just 'months away'News Deepfake technology has matured at a rapid rate, and video scams are likely to be a on par with the more convincing voice-only campaigns very soon, one expert says
-
The state of email security 2023Whitepaper Cyber risk commands the C-Suite's focus
-
Microsoft 365 business users targeted with new DocuSign phishing scamNews Threat actors are using fake login forms to trick users into changing their payment details
-
Blockchain-based Gmail plugin lets users keep control over email attachments after they're sentNews Document GPS email extension for Google Workspace considered world's first Gmail tokenization tool
-
Shiseido reportedly suffers data breachNews The Japanese cosmetics company has been accused of failing to notify affected staff of the leak
-
Education and government most at risk from email threatsNews New report finds phishing remains most dominant threat to IT security
-
Hackers use SquirrelWaffle malware to hack Exchange servers in new campaignNews Researchers discovered malicious emails being sent as replies to existing email chains
