Sophos reveals "dirty dozen" spam-relaying countries

July 18, 2007 Sophos Press Release

Sophos, a world leader in IT security and control, has published its latest report on the top twelve spam-relaying countries over the second quarter of 2007.

Experts at SophosLabs™ scanned all spam messages received in the company's global network of spam traps, and have revealed that the US continues to relay more spam than any other nation, accounting for 19.6 percent - a decrease of just 0.2 percent from the previous quarter. However, Europe now has six entries in the dirty dozen, which when combined, account for even more spam-relaying than the US.

Sophos notes that the number of compromised PCs continues to rise steadily in Europe.

Location of zombie computers in Europe that sent spam during a 30-minute period
Location of zombie computers in Europe that sent spam during just a 30-minute period. Click to view an expanded graphic.

According to Sophos, the overall global volume of spam rose by around 9 percent during Q2 2007, when compared to the same period in 2006.

The top twelve spam-relaying countries are as follows:

Position Country Percentage of spam relayed
1 United States
19.6%
2 China (including Hong Kong)
8.4%
3 South Korea
6.5%
4 Poland
4.8%
5 Germany
4.2%
6 Brazil
4.1%
7 France
3.3%
8 Russia
3.1%
9 Turkey
2.9
10 United Kingdom
2.8%
10= Italy
2.8%
12 India
2.5%
Others 35.0%

"While the US remains top spam dog, the latest chart emphasises the urgent need for joined-up global action to combat this growing problem," said Carole Theriault, senior security consultant at Sophos. "For every spam campaign, the spammers, the compromised computers used, and the people being deluged by the unsolicited mail are often located in totally different parts of the world. A consolidated effort is needed not only to pursue and prosecute spammers, but also to convince computer users everywhere of the importance of blocking rather than responding to spam messages. Everyone has a part to play if we are to win the global battle against spam."

According to Sophos, the growing number of PCs across the US and Europe, combined with an increase in the amount of internet service providers offering cheap internet access - not all of which have taken adequate steps to prevent spam-relaying activity - are responsible for the strong Euro-American presence in the dirty dozen.

"Once a machine is compromised, it is often used to send out spam for a variety of campaigns," continued Theriault. "In a matter of seconds, we can see compromised systems send messages on a dozen different topics, from stock scams and cheap mortgages, to saucy porn and diet drugs. Internet service providers seriously need to examine whether they're doing enough to monitor whether their users are unwittingly relaying spam as well as educate them about the how to defend their home PCs."

While there have been minor shifts in individual nations' chart positions, the biggest single change occurs in the 'other' section, which has risen from 30.6 percent in Q1 2007 to 35.0 percent in Q2. This suggests that on an individual level, more nations are now responsible for contributing to the problem of spam-relaying. Additionally, having disappeared from the chart in Q1, the United Kingdom has re-entered the dirty dozen in tenth place, responsible for relaying 2.8 percent of the world's spam.

Spam relayed by continent

Despite the strong presence of the US and European nations in the dirty dozen itself, the sheer number of Asian nations relaying smaller amounts of spam meant that Asia proved to be the biggest spam-relaying continent during Q2 2007. While Europe, which topped the chart in Q1 2007, has reduced its percentage by 6.6 percent and fallen to second place, Asia, North America, South America and Africa have all seen rises in spam-relaying activity. Sophos experts predict further levelling of these statistics over the coming months, as spammers start to take advantage of the growing number of inadequately protected computers in the likes of South America and Africa.

The breakdown of spam-relaying by continent is as follows:

Position Continent Percentage of spam relayed
1 Asia
35.2%
2 Europe
28.5%
3 North America
24.2%
4 South America
9.6%
5 Africa
1.6%
Others 0.9%

Sophos recommends that computer users ensure they keep their security software up-to-date, as well as using a properly configured firewall and installing the latest operating system security patches. Businesses must also look to implement a best practice policy regarding email account usage.