Criminals are using spam email campaigns to target thousands of potential victims all over the world. The year 2016 has seen its fair share of such campaigns, most of which relate to the distribution of ransomware and other types of malware. Rest assured this threat will carry on throughout the year 2017 and beyond. Computer users need to remain vigilant when it comes to receiving emails, as one never knows what lurks in the corner.
#4 March 2016: Locky
In March of 2016, the world was in for a nasty surprise when a major spam campaign hit mailboxes on a global scale. Every email message contained a Locky ransomware downloaded hidden within a malicious email attachment. In fact, security researchers discovered this event was a combination of concurrent email spam campaigns targeting over four dozen countries.
The email messages used for this spam campaign contained an invoice attachment, claiming to originate from a former employee or a business partner who is still owned money. Once a user downloads the invoice and opens the file, Locky will be downloaded in the background. It is unknown how many computers were affected by this spam campaign, although it seems safe to say a lot of damage has been done in the process.
#3 July 2016: Andromeda Botnet
One of the scariest email spam campaigns occurred in July of 2016. Italian residents were targeted by a massive campaign aiming to infect computers so they would install Andromeda malware in the process. Once a host is compromised, the machine would become part of the Andromeda botnet, which has been in operation since 2011. Close to 210,000 emails were sent out during this campaign, 97% of which targeted Italian internet users.
#2 December 2016: Locky + Botnet
Things went from bad to worse during the 2016 holiday season. Researchers came across a new spam campaign which attempted to execute a two-pronged approach: infect computers with Locky ransomware and make them part of a growing botnet. The Locky ransomware campaign started at the end of November, although spam emails were not the only distribution method used03 by criminals.
Dealing the maximum amount of damage with a spam campaign is the number one priority for criminals. By combining Locky ransomware with a file to make computers part of a botnet, this campaign would have had significant implications. The malware bundled with Locky would force computers to connect to hard-coded IP addresses and turn them into a botnet member. Thankfully, it appears this campaign has not been all that successful.
#1 December 2016: Christmas Email Spam
As one would expect during the final weeks of December, spam campaigns related to Christmas-themed messages started appearing all over the world. Interestingly enough, most of these spam messages were used to set up social engineering attacks, including phishing attempts and drive-by download campaigns. By leveraging popular keywords while sending out spam emails, these campaigns are always incredibly successful.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.