Sophos, an Internet security company, has published its latest report on the twelve spam relaying countries over the second quarter of 2006.
After scanning all spam messages received in the company’s global network of spam traps, the experts at SophosLabs have revealed that for the first time in more than two years, the United States has failed to make inroads into the spam-relaying problem.
The US is the source of 23,2 percent of the world’s spam and it’s followed closely by China and South Korea although both of these nations have managed to reduce their statistics since Q1 2006. According to SophosLabs’ studies, the vast majority of this spam is relayed by “zombies”, also known as botnet computers, hijacked by Trojan horses, worms and viruses under the control of hackers.
“Since the introduction of the CAN-SPAM legislation in 2004, we’ve seen a regular quarter-on-quarter drop in the proportion of spam coming from the US – until now, that is,” said Graham Cluley, senior technology consultant at Sophos. “Given the number of arrests, and the huge fines dished out to guilty spammers, it’s hard to criticise the US for failing to take action. Perhaps the reality is that the statistics can’t be reduced any further unless US home users take action to secure their computers and put a halt to the zombie PC problem.”
An interesting discovery is that although Russia is not on the list of the top world spammers, it may be controlling vast network of zombies PCs. Sophos recently discovered a Russian spamming price list, which showed that $500 would purchase email distribution to eleven million Russian email addresses. On top of this, companies could buy distribution to one million addresses in any country they wanted for just $50.
Although companies and ISP are actively involved in the fight again spam by implementing spam filters in their email servers, spammers have, of course, find a way to outmaneuver them by sending images instead of text to deliver their spam messages. This makes anti-spam filters that rely on the analysis of textual spam content useless against messages that contain images.
Sophos has also noticed a serious rise of the percentage of pump-and-dump scams out of all spam emails. These scams are email campaigns designed to boost the value of a company’s stock in order for spammers to make a quick profit. The percentage of this kind of spam has rise to about 15 percent compared to just 0.8 percent in January 2005.
“It’s worrying to see so many pump-and-dump emails – often with embedded graphics included – being spammed out to the general public,” added Cluley. “The people that act upon these emails aren’t skilled investors, and don’t realise that purchasing the shares is likely to reap no reward, benefiting only the spammers, while creating a financial rollercoaster for the organisation in question.”
Spam is without any doubt, a plaque of the Internet and there are still no permanent solutions for its removal and prevention. No matter how secure you think you email account is, you should be careful where you post your email address as spammers are always in need for a new address to add on their spam list.
Here is the “Dirty Dozen” spam relaying countries, according to SophosLabs:
April to June 2006
1. United States — 23.2%
2. China (& Hong Kong) — 20.0%
3. South Korea —7.5%
4. France — 5.2%
5. Spain — 4.8%
6. Poland — 3.6%
7. Brazil — 3.1%
8. Italy — 3.0%
9. Germany — 2.5%
10. United Kingdom — 1.8%
11. Taiwan — 1.7%
12. Japan — 1.6%