As the second anniversary of the CAN-SPAM Act approaches,
experts at Sophos believe the legislation's impact has been
mixed.
The law, which went into effect on 1 January, 2004, was written
to stem the tide of unsolicited email, most notorious for hawking
pornography, low interest loans, and any number of snake oil
medicaments claiming to enlarge body parts, or enhance the sex
lives of recipients.
"Some aspects of the CAN-SPAM Act have certainly been
successful, allowing authorities to prosecute and convict some of
the United States' most notorious spammers," said Graham Cluley, senior
technology consultant for Sophos. "Improved corporate and consumer
security measures and cooperation between internet service
providers have combined with the CAN-SPAM act to reduce the
percentage of spam being relayed from the USA."
However, Cluley added that by placing the responsibility on
individuals to opt-out of email lists rather than require email
marketers to only send messages to individuals who have opted in,
CAN-SPAM has created a large loophole, through which large volumes
of spam can still flow.
Analysis by SophosLabs, the company's global network of security
centers, shows that the volume of spam sent from compromised
computers based in Asia - primarily China and South Korea - is
rapidly filling the void, and continuing to frustrate computer
users around the world. Over 60% of spam is relayed by compromised,
"zombie" computers.
The dirty dozen spam-relaying countries of
2005.
"The unfortunate truth is that spam is a lucrative global
business, driven by criminal intent, and well beyond the ability of
CAN-SPAM to control," Cluley continued. "Individuals and
corporations who do not take proactive measures to protect
themselves from the onslaught are certain to fall victim to the
detrimental effects of spam in one form or another."
For more information about the latest trends in spam and
viruses, read the in-depth Sophos Security Threat Management Report
2005:
Sophos recommends companies protect themselves with a consolidated solution which can defend businesses
from the threats of both spam and viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.