The quantity of fraudulent messages says the Moscow-headquartered IT security vendor, is striking, but so is the variety of social engineering techniques that are being deployed. On one level, the firm notes, attackers used tried-and-trusted tricks, sending email offers on behalf of online games to steal user names and passwords - or fake notifications from major organisations which then link to a phishing resource.
In parallel with these developments, Kaspersky adds that multi-stage attacks on a new level are now becoming more common. For example, messages invited recipients to take part in a survey and win money for doing so. Users following the link find themselves on a page with a customer satisfaction survey form.
After submitting the survey, users are then redirected to a further form asking for their full credit card details in order to process the promised payment, with the information being used to clean out accounts, rather than pay any money.
Despite the volume of fraudulent spam soaring, the third quarter saw overall spam levels falling steadily throughout the reporting period - except for a spike in the last week of September when the share reached 82.1% of all messages seen during the reporting period.
The average percentage of spam with malicious attachments reached a record-breaking high of 5.3% during the quarter, a spike that – along with a similar rise in adult content spam – Kaspersky ascribes to the summer holiday season and the `second wave' of the global economic crisis.
Commenting on the research, Darya Gudkova, the firm's head of content analysis and research, said that, during the summer slowdown, and prompted by the uncertain financial climate, spammers look for scams that can keep them in business.