Spam emails that are blocked immediately (called IP connection blocks) because spam-detection programs recognize the sender as a bad actor increased sharply during 2016. In the United States, IP connection blocks rose from 1.35 million in 2015 to 2.05 million. IP connection blocks doubled in France, Mexico and Brazil, and jumped more than sixfold in India.
Cisco attributes the rise in spam primarily to the rise of large spam-sending botnets, and says that between 8% and 10% of global spam “could be categorized as malicious.”
Among the top web attack methods observed in 2016, the top-ranked were suspicious Windows binaries and potentially unwanted applications. Suspicious binaries deliver threats such as spyware and adware. Malicious browser applications are an example of unwanted applications.
Facebook Inc. (NYSE: FB) can deliver such scams as fake offers and media content that includes survey scams. Cisco noted:
Facebook scams, which include fake offers and media content along with survey scams, ranked third on our list. The continued prominence of Facebook scams on our annual and midyear lists of the most commonly observed malware highlights the foundational role of social engineering in many cyber attacks. Facebook has nearly 1.8 billion monthly active users worldwide. It is logical territory for cybercriminals and other actors looking to dupe users.
Another of the top five most often observed malware types last year was browser redirection malware, which attackers use to expose internet users to malicious advertising that can launch ransomware and other attacks on users’ devices. The Cisco researchers warn that malicious adware, including such things as ad injectors, browser-setting hijackers, utilities and downloaders, is a growing problem.
You can review the entire report at the Cisco Systems blog.