USA extends lead as top spamming nation as European output rises, Sophos reports

Sophos Press Release

The UK jumps from ninth to fourth place in the 'Dirty Dozen' of spam-relaying countries

IT security and control firm Sophos has published its latest report into the top twelve spam relaying countries, covering the second quarter of 2010. The USA continues to be the number one spam polluter, piping out 15.2% of all global spam messages - an increase from 13.1% in the first quarter of 2010.

The UK - a nation that last year fell out of the spam hall of shame - also saw a significant rise in the proportion of spam it relayed. With a total output of 4.6% of the world's spam, this puts the UK in fourth place overall compared with ninth earlier this year.

The top twelve spam relaying countries for April - June 2010

1. USA 15.2%
2. India 7.7%
3. Brazil 5.5%
4. UK 4.6%
5. S Korea 4.2%
6. France 4.1%
7. Germany 4.0%
8. Italy 3.5%
9. Russia 2.8%
10. Vietnam 2.7%
11. Poland 2.5%
12. Romania 2.3%
Other 40.9%

Sophos warns that spam is becoming increasingly malicious - not just advertising unwanted goods, but spreading links to malicious websites and computer-infecting malware.

"It's sad to see spam relayed via compromised European computers on the rise - the UK, France, Italy and Poland have all crept up the rankings since the start of the year," said Graham Cluley, senior technology consultant at Sophos. "Financially-motivated criminals are controlling compromised zombie computers to not just launch spam campaigns, but also to steal identity and bank account information. It's an uphill struggle educating users about the dangers of clicking on links or attachments in spam mails, and that their computers may already be under the control of cybercriminals. Businesses and computer users must take a more proactive approach to spam filtering and IT security in order to avoid adding to this global problem."

This rise in spam email generated in individual European countries is reflected in the breakdown of spam relayed by continent:

Top spam-relaying continents, April - June 2010

1. Europe 35.0%
2. Asia 30.9%
3. N America 18.9%
4. S America 11.5%
5. Africa 2.5%
Other 1.2%

Europe has leapfrogged over Asia to become the most prolific continent for spamming. Although the USA continues to be the top spam-relaying country, North America remains in third place by continent, a long way behind Asia and Europe.

"Spam will continue to be a global problem for as long as it makes money for the spammers. It makes commercial sense for the criminals to continue if even a tiny proportion of recipients clicks on the links," explained Cluley. "Too many computer users are risking a malware infection that sees their computer recruited into a spam botnet. To combat the spammers, it's not only essential for computer users to run up-to-date security software, they must also resist the urge to purchase products advertised by spam."

Spam emails make up 97% of all emails received by business email servers, both putting a strain on network resources and wasting a huge amount of time to lost productivity. Used largely as a method for selling counterfeit or illicit goods, virtually all spam comes from malware infected computers (known as bots or zombies) that are controlled by 'botherder' cybercriminals.

Computer users can unwittingly allow their PCs to become part of a botnet in a number of ways, including clicking on malicious links that are frequently contained within the spam messages that the botnets are used to distribute. The best way for users and administrators to reduce the risk of being compromised is to run anti-spam and anti-malware protection, behave sensibly when online, and ensure their systems are up-to-date with security patches.

Sophos recommends that companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against spam and viruses.

More than 100 million users in 150 countries rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos’ award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers. Sophos is headquartered in Oxford, U.K., and is publicly traded on the London Stock Exchange under the symbol “SOPH.” More information is available at