Kaspersky spam and phishing report: some fears about new gTLDs have materialised


The Internet Corporation for Assigned Names and Numbers (ICANN) launched the application process for new generic top-level domains (gTLDs) in January 2012. The new gTLD programme will result in an unprecedented expansion of the Domain Name System. At the time of writing, over 630 new gTLDs have been delegated and approximately 400 have been launched.

New gTLDs were introduced by ICANN to encourage diversity, competition and to enhance the usefulness of the domain name system. However, many critics of the programme suggested that the introduction of new gTLDs would provide opportunities for malicious third-party actors such as spammers, phishers and cybersquatters.

A recent report published by Kaspersky, a leading international software security company, seems to suggest that some of these fears were not unfounded. The report showed that, during the first quarter of 2015, there was an increase in the number of new domains that were sending out spam email. Spam email is unsolicited email that is sent out en masse to recipients and has been a significant problem for anyone who uses email. It is worth noting as well that spam is not only just an annoyance, it can also pose a security risk as spam email is also used to distribute computer viruses.

The report showed that, as new gTLDs launched, some of the spam email campaigns were sent from gTLD domain name registrations that had a connection with the subject of the spam email. For example, some spam emails sent from domain names registered under the ‘.work’ gTLD contained offers to carry out various types of work such as household maintenance, construction of equipment installation. Likewise, spam email sent from domain names registered under the ‘.science’ gTLD were purporting to advertise schools that offer distance learning, colleges to train nurses, criminal lawyers and other professionals.

According to the report, in the first quarter of 2015, the top three countries targeted by spam were the United Kingdom (7.85%), followed by Brazil (7.44%) and then the United States (7.18%). Other countries which were not far behind included Germany (6.05%) and Australia (4.12%).

In contrast, the top three countries who were the biggest sources of sending spam in the first quarter of 2015 were the United States, which sent 14.5% of all unwanted mail, followed by Russia (7.27%) and then Ukraine (5.56%). Just behind were Vietnam, China and Germany.

The report also showed an increase in phishing attacks during the first quarter of 2015, representing an increase of one million more than the previous quarter. Phishing is an attempt by malicious third parties to fool internet users into revealing sensitive data such as usernames, passwords and credit card details. This is often done by sending an email which purports to be from a genuine company, but sends internet users to a phishing website which resembles the company website. Once on such websites, users are encouraged to log in and confirm their details. Depending on the phishing scheme in place, this can range from handing over access codes to online banking, online payment systems or social networks.

The country where the largest percentage of users were affected by phishing attacks was Brazil with 18.28% of users affected, closely followed by India and China with 17.73 and 14.92%, respectively, of users affected. The three companies who received the most phishing attacks during the first quarter of 2015 were Facebook, Google and Yahoo.

David Taylor and Sean Kelly, Hogan Lovells LLP, Paris

Get unlimited access to all WTR content