Sophos reveals "dirty dozen" spam relaying countries for April-September 2005

Sophos Press Release

US remains worst spamming nation as impact of zombie computers rises

Sophos, a world leader in protecting businesses against viruses, spyware and spam, has published its latest report on the top twelve spam relaying countries over the last six months.

Experts at SophosLabs™ scanned all spam messages received in its global network of spam traps, and have revealed the top twelve spam sending countries. The United States remains the worst offender, but is relaying substantially less of the world's spam than it did a year ago, while Sophos also found that over 60% of spam is now generated from zombie computers - hijacked PCs infected by malware. This technique means that the culprits do not have to be in the same country as the innocent computers they are using to send their spam.

The top twelve spam relaying countries are as follows, with the figures in brackets denoting the spam relayed by each country in the same period in 2004:

April - September, 2005

1. United States 26.35% (41.50%)
2. South Korea 19.73% (11.63%)
3. China (incl Hong Kong) 15.70% (8.90%)
4. France 3.46% (1.27%)
5. Brazil 2.67% (3.91%)
6. Canada 2.53% (7.06%)
7. Taiwan 2.22% (0.86%)
8. Spain 2.21% (1.04%)
9. Japan 2.02% (2.66%)
10. United Kingdom 1.55% (1.07%)
11. Pakistan 1.42% New entry
12. Germany 1.26% (1.02%)
Others 18.88% (18.10%)

Whilst the United States, South Korea and China still account for over 50% of all spam, the USA and Canada have done well to reduce their contribution to the problem. Sophos has seen a sharp drop in spam sent from North American computers due to a number of factors, including jail sentences for spammers, tighter legislation and better system security.

"Efforts such as ISPs sharing knowledge on how to crack down on spammers, and authorities enforcing the CAN-SPAM legislation, have helped North America tackle the spammers based on their doorsteps. Some of the most prolific spammers have been forced to either quit the business or relocate overseas as a result," said Graham Cluley, senior technology consultant for Sophos. "The introduction of Windows XP SP2 a year ago, with its improved security, has also helped better defend home users from computer hijacking. The worry now is that devious spammers will turn to other net-based money-making schemes, such as spyware and identity theft malware to make their dirty money."

Feeling the impact of international awareness and country-specific legislation, spammers are increasingly turning to illegitimate providers to fuel their success and their key partners in crime are virus writers and hackers. By taking control of unprotected PCs, hackers can relay spam, launch denial-of-service attacks or steal user information, without the computer owners being any-the-wiser.

"There are fortunes to be made from the dark side of the internet, and spammers who are finding it harder to sell goods via bulk email are likely to turn to other criminal activities," continued Cluley. "What the chart reveals is that spammers and virus writers can exploit unprotected computers anywhere in the world to send out their unwanted messages - everyone has a part to play in the fight against spam."

Sophos recommends that computer users ensure they keep their anti-virus software up-to date, as well as using a properly configured firewall and installing the latest operating system security patches, to reduce the risk of their PCs becoming part of a zombie network. Businesses must also look to implement a best practice policy regarding email account usage.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at www.sophos.com/company.