USA extends lead as top spamming nation as European output rises, Sophos reports

July 14, 2010 Sophos Press Release

IT security and control firm Sophos has published its latest report into the top twelve spam relaying countries, covering the second quarter of 2010. The USA continues to be the number one spam polluter, piping out 15.2% of all global spam messages - an increase from 13.1% in the first quarter of 2010.

The UK - a nation that last year fell out of the spam hall of shame - also saw a significant rise in the proportion of spam it relayed. With a total output of 4.6% of the world's spam, this puts the UK in fourth place overall compared with ninth earlier this year.

The top twelve spam relaying countries for April - June 2010

1. USA 15.2%
2. India 7.7%
3. Brazil 5.5%
4. UK 4.6%
5. S Korea 4.2%
6. France 4.1%
7. Germany 4.0%
8. Italy 3.5%
9. Russia 2.8%
10. Vietnam 2.7%
11. Poland 2.5%
12. Romania 2.3%
Other 40.9%

Sophos warns that spam is becoming increasingly malicious - not just advertising unwanted goods, but spreading links to malicious websites and computer-infecting malware.

"It's sad to see spam relayed via compromised European computers on the rise - the UK, France, Italy and Poland have all crept up the rankings since the start of the year," said Graham Cluley, senior technology consultant at Sophos. "Financially-motivated criminals are controlling compromised zombie computers to not just launch spam campaigns, but also to steal identity and bank account information. It's an uphill struggle educating users about the dangers of clicking on links or attachments in spam mails, and that their computers may already be under the control of cybercriminals. Businesses and computer users must take a more proactive approach to spam filtering and IT security in order to avoid adding to this global problem."

This rise in spam email generated in individual European countries is reflected in the breakdown of spam relayed by continent:

Top spam-relaying continents, April - June 2010

1. Europe 35.0%
2. Asia 30.9%
3. N America 18.9%
4. S America 11.5%
5. Africa 2.5%
Other 1.2%

Europe has leapfrogged over Asia to become the most prolific continent for spamming. Although the USA continues to be the top spam-relaying country, North America remains in third place by continent, a long way behind Asia and Europe.

"Spam will continue to be a global problem for as long as it makes money for the spammers. It makes commercial sense for the criminals to continue if even a tiny proportion of recipients clicks on the links," explained Cluley. "Too many computer users are risking a malware infection that sees their computer recruited into a spam botnet. To combat the spammers, it's not only essential for computer users to run up-to-date security software, they must also resist the urge to purchase products advertised by spam."

Spam emails make up 97% of all emails received by business email servers, both putting a strain on network resources and wasting a huge amount of time to lost productivity. Used largely as a method for selling counterfeit or illicit goods, virtually all spam comes from malware infected computers (known as bots or zombies) that are controlled by 'botherder' cybercriminals.

Computer users can unwittingly allow their PCs to become part of a botnet in a number of ways, including clicking on malicious links that are frequently contained within the spam messages that the botnets are used to distribute. The best way for users and administrators to reduce the risk of being compromised is to run anti-spam and anti-malware protection, behave sensibly when online, and ensure their systems are up-to-date with security patches.

Sophos recommends that companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against spam and viruses.