Risk
7/14/2010
11:30 AM
50%
50%

US Extends Spam Lead

Twice as much spam comes from the United States as any other country in the world, finds Sophos.

Received a spam e-mail lately? No matter where you are in the world, statistically speaking, a report finds that it's most likely to have come from the United States.

Indeed, according to security firm Sophos, which released the study, in the second quarter of 2010, 15.2% of all global spam messages emanated from the United States, an increase from the 13.1% seen in the first quarter of 2010. Rounding out the top five list of global spam-generating countries were India (7.7%), Brazil (5.5%), the United Kingdom (4.6%), and South Korea (4.2%).

In addition, the study found that 97% of all e-mails received by business e-mail servers are now spam.

On a more regional level, from the first to second quarter of 2010, Europe overtook Asia for the sheer volume of spam being generated, reported Sophos. Today, 35% of all spam arrives via European PCs, followed by computers in Asia (30.9%), North America (18.9%), South America (11.5%), and Africa (2.5%).

The problem with spam, beyond the annoyance factor, is twofold. First, "spam is becoming increasingly malicious -- not just advertising unwanted goods, but spreading links to malicious websites and computer-infecting malware," according to a statement released by Sophos.

Second, the lion's share of spam emanates from compromised -- aka zombie -- PCs controlled by massive, distributed botnets such as Zeus, which can be created and managed using automated botnet toolkits, which lowers the barrier to entry for criminals without advanced coding skills.

"These cybercriminals are motivated by money --- and they don't just use your hacked PC to spread spam, but also to steal your identity and bank account information, to launch denial-of-service attacks, and to distribute malware to recruit even more innocent computers into their army," said Graham Cluley, senior technology consultant, in a Sophos blog post.

Will spam ever die? Given the financial incentives, don't bet on it, said Cluley. "Spam will continue to be a global problem for as long as it makes money for the spammers. It makes commercial sense for the criminals to continue if even a tiny proportion of recipients clicks on the links."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.