Endpoint
7/16/2013
05:21 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

U.S. Still Tops Spam-Relaying 'Dirty Dozen' Countries

Three new companies enter Sophos' top 12

BOSTON, MA – July 16, 2013 – Sophos has published the latest 'Dirty Dozen' of spam relaying countries, covering the second quarter of 2013. As the US retains the top spot among spam-relaying countries, Belarus makes a significant jump into second place. And three new countries enter the top twelve--Ukraine, Kazakhstan and Argentina, while three other countries exit the Dirty Dozen--France, Peru and South Korea.

Dirty Dozen Rating by Population

With more than a billion people and an increasing demand for internet access in both countries, it's no surprise to see China and India in the Dirty Dozen; and with more than 300 million people and the lion's share of the world's internet connectivity, it's also no shock that the US leads outright. So what happens when spam scores are scaled up or down in proportion to each country's population?

Half of the volume-based countries are gone, and others that would usually fly under the radar when measured on spamming volume alone, like Luxembourg and Singapore, suddenly burst onto the scene. This doesn't mean that Singapore is replete with spam-related cybercriminality.

Although the Dirty Dozen denotes the extent to which a country's computers are used for delivering spam, it doesn't identify where the spammers themselves are located. That's because most spam is sent indirectly these days, especially if it is overtly malevolent, such as:

· Phishing emails: These try to lure you into entering passwords into mock-ups of a real site such as your bank or your webmail account.

· Malware links: These urge you to click links that put you directly in harm's way by taking your browser to hacked websites.

· Malware deliveries: These use false pretences, such as fake invoices, to trick you into opening infected attachments.

· Identity theft: These invite you to reply with personally identifiable information, often by claiming to offer work from home opportunities.

· Investment scams: These talk up investment plans that are at best unregulated and at worst completely fraudulent.

· Advance fee fraud: These promise wealth or romance, but there are all sorts of fees, bribes and payments to hand over first.

"Remember that the Dirty Dozen doesn't tell us from where the spam originates," said Paul Ducklin, Sophos security evangelist. "It tells us how spam gets relayed from the crooks to their potential victims. Even if you're the most law-abiding citizen of the most law-abiding country in the world, you might be helping to project your own country into the Dirty Dozen if you don't take security seriously on your own computer. It may sound corny, but security really does begin at home."

There are a few simple precautions can help enormously, according to Ducklin. These include "timely security patching, an up-to-date anti-virus and a healthy skepticism about unwanted attachments and 'too good to be true' offers. By taking these steps, you'll not only protect yourself, but also help to protect everyone else at the same time."

Additional information about the latest dirty dozen report can be found on Sophos' Naked Security site at: http://nakedsecurity.sophos.com.

About Sophos

More than 100 million users in 150 countries rely on Sophos' complete security solutions as the best protection against complex threats and data loss. Simple to deploy, manage, and use, Sophos' award-winning encryption, endpoint security, web, email, mobile and network security solutions are backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-3304
Published: 2014-10-30
Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

CVE-2013-7409
Published: 2014-10-30
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.

CVE-2014-3446
Published: 2014-10-30
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.

CVE-2014-3584
Published: 2014-10-30
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.

CVE-2014-3623
Published: 2014-10-30
Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vect...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.