Risk
2/12/2013
01:06 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

U.S. Is Spam World Champion

One in 60 e-mails contained malware in January

Berlin, February 12, 2013 - It has been two years since Rustock, the world's biggest spam botnet, was shut down and in January 2013 the US was back at the top of the list of spam-generating countries. This is the lead story in the Eleven E-mail Security Report February 2013, which Eleven has released today. With a 10.6 percent share of the total spam volume in the German-speaking region, the US held the top spot, followed by India (6.9 percent), and Romania (6.6 percent), which was the leader in October and November 2012. Good news for Germany: with a 2.3 percent share at No. 13, German IP addresses were no longer in the top ten. Geographically, the distribution of the 10 biggest spammers was comparatively spread out in January 2013: four came from Asia, three from (Eastern) Europe, two from South America, and one from North America. All of the Western European countries have disappeared from the list.

Other important trends at a glance:

- The spam volume plunged in December and January. In December, it dropped by 40.9 percent and in January, by another 15.8 percent. The decline is in line with the trend of previous years: in both 2010/2011 and 2011/2012, the volume of spam dropped sharply at the end of the year.

- The phishing volume rose dramatically in January: the number of e-mails tagged as phishing jumped by 72.4 percent from December to January.

- Virus e-mails also rose in that period. The volume of known and new malware grew by 27% in January. Together, their share of the total e-mail volume reached 1.6 percent. This means that one in every sixty e-mails was transporting malware in January.

- The majority of spam, phishing, and malware campaigns are now country specific. For example, of all the e-mails sent to German recipients, the largest spam and malware waves, and the third-largest phishing wave were all written in German. Several German-language spam waves were also in the top ten.

- The share of spam in the total e-mail volume was 60% in January 2013. In November 2012, the share was 73.9 percent.

- The "classic" spam themes are trending downwards - for example, the share of casino spam, still the most popular spam theme, fell from 34.8 percent to 22.9 percent between November 2012 and January 2013. Pharma spam rose slightly from a record low of 7.9 percent to 12.9 percent. Fake luxury products remained at 4.4 percent. The "winner": dating spam at 18.6 percent.

- At the same time, the range of spam themes has clearly broadened. In January, 39% of the themes were classified as "other", while this number was 21.6 percent in November. One large spam campaign was launched in the name of a technical Web site for strawberry cultivation, for example.

For the complete Eleven E-mail Security Report, visit the Eleven Web site at www.eleven.de/eleven-security-reports.html.

Eleven security blog: www.eleven-securityblog.de

Eleven on Twitter: www.twitter.com/elevensecurity

Eleven E-mail Security Report

Six times a year, the Eleven E-mail Security Report summarizes current statistics and trends with regard to spam and malware. The Eleven research team analyzes the spam and virus e-mails checked by Eleven Managed E-mail Security Services and then compiles and interprets the results. Eleven checks over one billion e-mails every day, and has more than 45,000 installations worldwide.

Eleven - E-mail Security Made in Germany

The leading e-mail security provider from Germany, Eleven uses one-of-a-kind, proprietary eXpurgate technology. The company offers a spam filter and e-mail categorization service that reliably protects customers against spam and phishing e-mails, detects potentially dangerous e-mails, and is also able to differentiate between individual messages and all types of bulk e-mails. eXpurgate also provides a wide range of virus protection options and a high-performance e-mail fire wall.

Worldwide, over 45,000 companies of all sizes use the eXpurgate service. eXpurgate checks and categorizes more than one billion e-mails every day. In addition to Internet service providers and telecommunication service providers such as T-Online, O2, 1&1, and freenet, the list of Eleven customers includes numerous high-profile companies and public institutions such as Air Berlin, BMW, the Federal Association of German Banks, DATEV, Free University Berlin, Landesbank Berlin, RTL, SAP, ThyssenKrupp, and Tobit Software AG. More information at www.eleven.de.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1544
Published: 2014-07-23
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger cer...

CVE-2014-1547
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1548
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1549
Published: 2014-07-23
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and applica...

CVE-2014-1550
Published: 2014-07-23
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.