IT security and control firm Sophos has published its latest report on the top 12 spam-relaying countries over the third quarter of 2007.
Experts at SophosLabs scanned all spam messages received in the company's global network of spam traps, and have revealed that yet again the US relayed more spam than any other nation, accounting for a massive 28,4% – meaning that almost one in three of all the world's spam emails is being sent through a compromised US computer.
The gap between the US and its nearest rival has also increased significantly, with second placed South Korea only responsible for relaying 5,2%, or one in 20 spam messages.
The top twelve spam-relaying countries for July to September 2007 are as follows:
1 – United States: 28.4%
2 – South Korea: 5.2%
3 – China (inc. Hong Kong): 4.9%
4 – Russia: 4.4%
5 – Brazil: 3.7%
6 – France: 3.6%
7 – Germany: 3.4%
8 – Turkey: 3.2%
9 – Poland: 2.7%
10 – United Kingdom: 2.4%
11 – Romania: 2.3%
12 – Mexico: 1.9%
Other : 33.9%
Despite these high-profile lawbreakers being put away, the US continues to relay far more spam than any other nation on the planet. This level of activity can't be attributed solely to the slick operations of a few cash-hungry criminals.
“The problem is that thousands of spammers use thousands of compromised zombie computers in the US. The only way to reduce the problem is if US authorities invest a lot more in educating computer users of the dangers, while ensuring ISPs step up their monitoring efforts to identify these compromised machines as early as possible,” says Brett Myroff, CEO of master Sophos distributor, NetXactics.
According to Sophos, while the US has risen substantially in the spam stakes, neighbouring Canada has continued to make good progress in eradicating the spam problem, further reducing its spam-relaying figure during Q3 to just 0.8%.
The US could learn from its northern neighbour, which is combating the spread of spam thanks to the Government's Task Force on Spam. "Canada got its act together early, publishing its 'Anti-Spam Action Plan' in 2004, and since then has made a sustained effort to engage ISPs, businesses and consumers to really crack down on the problem,” says Myroff. “Canadian computer users do, however, have every right to be frustrated. Even though they're hardly contributing to the spam problem, they're doubtless continuing to receive a wad of unsolicited email that's being relayed south of the border."
During August 2007 Sophos identified a series of large-scale malware attacks made via spam email, with weblinks inserted into spam messages that directed recipients to malicious websites designed to infect their PCs.
One such campaign involved eCard spam, with an estimated nine million malicious eCard messages being sent out within a 48-hour period.
Users that visited the link contained in the message would not receive an eCard, but would find their PC infected by the JSEcard Trojan horse, thus exposing it to further threats. Similar campaigns were launched that offered pictures of nude celebrities, YouTube movies, and pop music videos, providing recipients clicked on the malicious link enclosed.
Having been first identified in June 2007, August saw a dramatic rise in the amount of PDF spam being relayed, only for it to tail away in similarly dramatic fashion shortly after.
In early August SophosLabs identified a new spam message with an attached PDF file, urging internet users to purchase shares in a company called Prime Time Group. The spike in spam was so significant that it resulted in the amount of spam seen by Sophos's global traps rising by 30% in 24 hours.
However, just weeks later, levels of PDF spam had dropped to virtually zero – evidence that the new tactic had failed in its attempts to encourage investment. Sophos experts note that PDF spam is not an immediate way of communicating with an audience, particularly when compared to a marketing message within an email client's preview pane, which may account for why it did not resonate with recipients.
The massive rise in the US's relaying caused North America to overtake Asia and Europe to become the biggest spam-relaying continent during Q3 2007. Asia followed close behind, due to the large number of individual Asian nations relaying spam, while Europe managed to reduce its overall figure by 3.7%.
The breakdown of spam-relaying for July to September 2007 by continent is as follows:
1 – North America: 32.3%
2 – Asia: 31.1%
3 – Europe: 24.8%
4 – South America: 9.1%
5 – Africa: 2.1%
Sophos recommends that computer users ensure they keep their security software up-to-date, as well as using a properly configured firewall and installing the latest operating system security patches.
“Businesses must also look to implement a best practice policy regarding email account usage,” Myroff adds.