New spam-related webpage found almost every three seconds, Sophos reports

April 14, 2008 Sophos Press Release

IT security and control firm, Sophos, has published its latest report on the top twelve spam-relaying countries for the first quarter of 2008.

Experts at SophosLabs scanned all spam messages received in the company's global network of spam traps, and have revealed that 92.3 percent of all email sent during the first three months of 2008 was spam. In addition, during this period, Sophos found 23,300 new spam-related webpages every day, or one about every three seconds.

For the first time, Turkey's contribution to the global spam problem puts it in the top three offending countries. Compromised computers in Turkey are now responsible for relaying 5.9 percent of the world's spam, compared to 3.8 percent in the final quarter of 2007.

Between January and March 2008, the US and Russia maintained first and second place respectively, but both countries did manage to reduce their contribution to the worldwide spam problem compared to the final three months of 2007. However, over the last year the number of spam messages sent from compromised Russian computers has more than doubled. In the first quarter of 2007, Russia was in tenth position in the chart, relaying just three percent of the world&'s spam - today this figure stands at 7.4 percent.

Elsewhere in the chart, the UK is at number ten, responsible for relaying 3.4 percent of all spam, up from 2.5 percent and 12th place in the final quarter of 2007.

The top twelve spam-relaying countries are as follows:

Position Country Percentage
1 United States
15.4%
2 Russia
7.4%
3 Turkey
5.9%
4 China (inc. Hong Kong)
5.5%
5 Brazil
4.3%
6 South Korea
4.0%
7 Poland
3.8%
8 Italy
3.6%
9= Germany
3.4%
9= United Kingdom
3.4%
10 Spain
3.3%
11 France
3.2%
Others 36.8%

"Turkey's appearance in the top three makes for an interesting realignment so early on in the year, but does not mean that other countries can give up the fight - spam is a global problem and must be tackled as such," said Carole Theriault, senior security consultant at Sophos. "The US continues to relay far more spam than any other country, but the gap is closing, suggesting that users may be receiving more education on safe computing and becoming more security savvy than before."

Spam-related webpages

Sophos experts note that the rate at which new spam-related webpages are being created is particularly worrying for businesses, and all organisations must ensure that their spam filters are up to date and able to defend against the latest threats. By inserting weblinks into their messages, spammers are hoping to avoid less sophisticated filters and trick unwary computer users into visiting the webpage and subsequently infecting their PCs.

As long as spammers continue to make money from these nasty ruses, the spam plague will continue, said Theriault. Businesses must wise-up to this threat and recognise the importance of quarantining spam messages before they are delivered to the unsuspecting user. If the right security measures are put in place, businesses can not only save time and money, but can also protect their users from wider, malicious web-based threats, which commonly originate as spam emails with links to infected sites.

Spam by continent

Sophos's breakdown of spam-relaying countries by continent is as follows:

Position Country Percentage
1 Asia
34.3%
2 Europe
30.7%
3 North America
18.9%
4 South America
14.2%
5 Africa
1.1%
Others 0.8%

Asia and Europe continue to dominate the spam by continent chart, accounting for 65 percent of the world's spam in the first quarter of 2008. Both continents experienced an increase in the proportion of spam relayed compared to the last quarter of 2007, with Asia's figure rising from 32.1 percent to 34.3 percent, closely followed by Europe which increased from 27.1 percent to 30.7 percent. North America remains in third place, but has managed to further reduce the amount of spam it relays from 26.5 percent during the last quarter, to 18.9 percent.

"Spam is a worldwide issue that affects everyone who owns a computer," continued Theriault. "This quarter's figures show that the swarms of financially-motivated criminals are now controlling more zombie-machines in Asia and Europe, compared to the Americas. The considerable increase in the amount of spam relayed by these top two offenders does not mean that spammers are based in these continents, but that the computers in these regions remain poorly defended. If users do not make a conscious effort to improve their computer security, as well as keeping it up-to-date, then they may as well hand their machines over to the hackers for use as malware spreading botnets."