24 October 2007
Sophos reveals "dirty dozen" spam-relaying countries for Q3 2007
US captures high-profile spammers, but general computer security remains worryingly lax
IT security and control firm Sophos has published its latest report on
the top twelve spam-relaying countries over the third quarter of 2007.
Experts at SophosLabs scanned all spam messages received in the
company's global network of spam traps, and have revealed that yet
again the US relayed more spam than any other nation, accounting for a
massive 28.4 percent - meaning that almost one in three of all the
world's spam emails is being sent through a compromised US computer.
The gap between the US and its nearest rival has also increased
significantly, with second-placed South Korea only responsible for
relaying 5.2 percent, or one in twenty spam messages.
The top twelve spam-relaying countries are as follows:
| Position | Country | Percentage |
| 1 | United States | |
| 2 | South Korea | |
| 3 | China (inc. Hong Kong) | |
| 4 | Russia | |
| 5 | Brazil | |
| 6 | France | |
| 7 | Germany | |
| 8 | Turkey | |
| 9 | Poland | |
| 10 | United Kingdom | |
| 11 | Romania | |
| 12 | Mexico | |
| Others | 33.9% |
"It seems as though a major American spammer is arrested every other
week at the moment, but despite these high-profile lawbreakers being
put away, the US continues to relay far more spam than any other
nation on the planet," said Carole Theriault, senior security
consultant at Sophos. "This level of activity can't be attributed
solely to the slick operations of a few cash-hungry criminals. The
problem is there are thousands of spammers using many thousands of
compromised zombie computers in the US. The only way we're going to
reduce the problem is if US authorities invest a lot more in educating
computer users of the dangers, while ensuring ISPs step up their
monitoring efforts to identify these compromised machines as early as
possible."
According to Sophos, while the US has risen substantially in the spam
stakes, neighbouring Canada has continued to make good progress in
eradicating the spam problem, further reducing its spam-relaying
figure during Q3 to just 0.8 percent.
"The US needs to take note and learn from its northern neighbour,
which is doing a sterling job of combating the spammers, thanks in no
small part to the Government's Task Force on Spam," continued
Theriault. "Canada got its act together early, publishing its
'Anti-Spam Action Plan' in 2004, and since then has made a sustained
effort to engage ISPs, businesses and consumers, to really crack down
on the problem. Canadian computer users have every right to be
frustrated - even though they're hardly contributing to the spam
problem, they're doubtless continuing to receive a wad of unsolicited
email that's being relayed south of the border."
Malicious spam growth
During August 2007 Sophos identified a series of large-scale malware
attacks made via spam email, with weblinks inserted into spam messages
that directed recipients to malicious websites designed to infect
their PCs.
One such campaign involved ecard spam, with an estimated nine million
malicious ecard messages being sent out within a 48-hour period.
Users who visited the link contained in the message would not receive
an ecard, but would find their PC infected by the JSEcard Trojan
horse, thus exposing it to further threats. Similar campaigns were
launched that offered pictures of nude celebrities, YouTube movies,
and pop music videos, providing recipients clicked on the malicious
link enclosed.
The death of PDF spam?
Having been first identified in June 2007, August saw a dramatic rise
in the amount of PDF spam being relayed, only for it to tail away in
similarly dramatic fashion shortly after. In early August SophosLabs
identified a new spam message with an attached PDF file, urging
internet users to purchase shares in a company called Prime Time Group
Inc. The spike in spam was so significant that it resulted in the
amount of spam seen by Sophos's global traps rising by 30 percent in
24 hours.
However, just weeks later, levels of PDF spam had dropped to virtually zero - evidence that the new tactic had not been entirely successful in its attempts to encourage investment. Sophos experts note that PDF spam is not an immediate way of communicating with an audience, particularly when
compared to a marketing message within an email client's preview pane,
which may account for why it did not resonate with recipients.
Spam relayed by continent
The massive rise in the US's relaying caused North America to overtake
Asia and Europe to become the biggest spam-relaying continent during
Q3 2007. Asia followed close behind, due to the large number of
individual Asian nations relaying spam, while Europe managed to reduce
its overall figure by 3.7 percent.
The breakdown of spam-relaying by continent is as follows:
| Position | Continent | Percentage |
| 1 | North America | |
| 2 | Asia | |
| 3 | Europe | |
| 4 | South America | |
| 5 | Africa | |
| Others | 0.6% |
Sophos recommends that computer users ensure they keep their security software up-to-date, as well as using a properly configured firewall and installing the latest operating system security patches. Businesses must also look to implement a best practice policy regarding email account usage.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security
solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com