subscribe: Daily Newsletter

 

Sophos details ‘dirty dozen’ spam-relaying countries for Q4

0 comments

IT security and control firm Sophos has published its latest report on the top twelve spam-relaying countries over the final quarter of 2007.

Experts at SophosLabs scanned all spam messages received in the company's global network of spam traps, and have revealed a dramatic rise in the proportion of the world's spam messages being sent from compromised Russian computers. The country has stormed into second place, accounting for 8.3% of the world's spam, or one in twelve junk mails seen in inboxes.  
Russia's rise is echoed in Sophos's research into which continents make the greatest contribution to the spam problem – with Asia and Europe overtaking North America.
Between October-December 2007, the US relayed far more spam than any other country – testament to the sheer number of computers in the country that have been taken over by remote hackers.  Representing thelion's share of total spam traffic, the US's 21% slice means that more than one in five of all the world's spam emails was being sent through compromised American computers.
The top twelve spam-relaying countries for October to December 2007 were:
1 – United States: 21.3%
2 – Russia: 8.3%
3 – China (inc. Hong Kong): 4.2%
4 – Brazil: 4%
5 – South Korea: 3.9%
6 – Turkey: 3.8%
7 – Italy: 3.5%
8 – Poland: 3.4%
9 – Germany: 3.2%
10 – Spain: 3.1%
10 – Mexico: 3.1%
12- United Kingdom: 2.5%
Other: 35.7%
South African came in at number 65, with 0,1%.
Responsible for a third of all unwanted email, US and Russia can be viewed as the two dirty men of the spam generation, polluting email traffic with unwanted and potentially malicious messages.
“It's not the case that a third of the world's spammers are based in those countries, but that legions of computers are poorly defended, allowing hackers to break in and turn them into botnets for the spreading of spam and malware,” says Brett Myroff, CEO of master Sophos distributor, NetXactics.
"Financially-motivated criminals are controlling huge proportions of compromised zombie machines to launch these spam campaigns. This is big business for cybercriminals, so the authorities have the daunting task of educating users about the dangers of clicking on links or attachments in spam mails, while also making sure that service providers help in identifying compromised computers," Myroff says.
"This is a worldwide issue, affecting everyone who owns a computer.  Businesses and computer users must take a more proactive approach to spam filtering and IT security in order to avoid adding to the problem."
Using spam to artificially inflate the price of stock is an ongoing spam trend, but October 2007 saw one of the most bizarre schemes ever, when a pump-and-dump campaign used MP3 files in an attempt to manipulate share prices.  In an effort to bypass spam filters, cybercriminals sent out their messages with supposed music files from stars such as Elvis Presley, Fergie and Carrie Underwood, attached.
The files actually contained a monotone voice encouraging people to buy shares in a little-known company.
"Spammers will go to extraordinary lengths to try and ensure that their marketing messages reach their intended pool of victims," Myroff adds.