Spam and Phishing in Q1: New domains revitalise old spam: Kaspersky

Kaspersky logo[news release] The new range of top level domains, launched in January 2015 and intended for use by relevant communities and organizations, has proved irresistible to spammers according to Kaspersky Lab’s Q1 2015 analysis of the spam and phishing threats landscape. For many the new domains represent an excellent tool for promoting unwanted or illegitimate advertising campaigns.

Spam and phishing statistics

  • The proportion of spam in email traffic according to the figures for the first quarter of 2015 was 59.2%, which is 6 percentage points lower than in the previous quarter.
  • The USA retained its position as the biggest source of spam, sending 14.5% of unwanted mail.
  • Kaspersky Lab products recorded 50,077,057 instances that triggered the “Antiphishing” system. This was 1 million more than in the previous quarter.
  • Phishing against customers of financial organizations accounted for 37.06% of all registered incidents.

Kaspersky proportion of spam in email traffic October 2014 - March 2015

Kaspersky table showing proportion of spam in email traffic October 2014 – March 2015

New domain scams

The new generic top-level domain (gTLD) registration program gives organizations the opportunity to choose a domain zone that is consistent with their activities and the theme of their sites. For example, job websites can now use a .work domain and scientific websites could choose a .science domain etc. The business opportunities provided by the new gTLD program were enthusiastically endorsed by the Internet community and the active registration of new domain names is ongoing.

Spammers and cybercriminals have also been quick to react to the trend. As a result of their activities, new domain zones almost immediately became an arena for the large-scale distribution of advertising spam, phishing and malicious emails.

According to Kaspersky Lab’s email traffic observations; there was a considerable increase in the number of new domains that sent out spam content in Q1 2015.

Emails sent from the .work domains generally contained offers to carry out various types of work including household maintenance, construction or equipment installation. On the other hand, many of the messages from the .science domains were advertising schools that offer distance learning, colleges to train nurses, criminal lawyers and other professionals.

Q1’s spam traffic also featured many emails sent from color domains such as .pink, .red, or .black. These were often used to advertise Asian dating sites.

“When looking at Q1 in general and the type of spam on the new domains, insurance was one of the hottest topics in terms of the number of messages and the number of changing domains in mass mailings. This covers all types of insurance – life, health, property, cars, animals, and funeral insurance,” said Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab.

To learn more about spam and phishing operations in Q1 2015, please read the blog post available at

This Kaspersky news release was sourced from: