ISPs: Email Abuse Down But Not Out
Messaging Anti-Abuse Working Group (MAAWG) says ISPs, bad guys at a draw when it comes to spam, malicious emailOct 26, 2009 | 09:37 PM
By Kelly Jackson HigginsDarkReading
MESSAGING ANTI-ABUSE WORKING GROUP (MAAWG) GENERAL MEETING -- PHILADELPHIA -- Internet service providers reported a slight dip in email abuse in the second quarter of this year, according to data revealed today by the Messaging Anti-Abuse Working Group (MAAWG) at its general meeting here.
MAAWG, an ISP working group aimed at helping combat spam and more recently, botnet abuse, says that spam and malicious emails dropped to 89 percent in the second quarter from 90.4 percent in the first quarter of 2009. MAAWG gathers the only email abuse data based on reports directly from the ISPs, and its latest data is drawn from 500 million email boxes and 200 billion delivered email messages, says Jerry Upton, executive director of MAAWG.
Researchers from Symantec, McAfee, and Cisco, meanwhile, here also reported slight dips in spam and email abuse in the third quarter, although those rates were higher than MAAWG's second quarter numbers. MAAWG plans to release Q3 numbers in a few weeks.
But Upton says not to read too much into the overall decrease in email abuse reported by ISP's: "This may be a somewhat seasonal pattern -- it may go up" again, he says.
"At times, we're doing better, and at times we're holding our own," he says. "This shows the bad guys aren't winning, but neither are we."
The amount of what the ISPs call "abusive email" has hovered around 90 percent or so over the past year. It hit one of its highest rates in the fourth quarter of 2008, when ISPs reported seeing 94.2 percent of all of their email traffic was spam, malware-ridden, or from known abusive sources.
"And this doesn't mean you are still not seeing spam or unwanted email getting to your inbox" because these numbers represent traffic caught before it hits users inboxes, Upton says.
Meanwhile, Symantec says 94 percent of all email was spam in Q3 and seven-eighths of all spam comes from botnets, according to Sandy Jensen, architect of the anti-spam technology group at Symantec.
Matt Sergeant, a senior antispam technologist for Symantec, also provided a peek at the company's latest data on botnet-based spam. Vietnam broadband users send the most bot-based spam per day -- 1,800 per broadband user -- followed by Brazil, with under 1,500; and Romania, around 1,200. The U.S. sends under 200 bot-bases spam messages per broadband user, he says.
McAfee, meanwhile, saw spam volumes declining to around 93.65 percent for the third quarter, and an average of 4.5 million new bots coming online each month, according to Sam Masiello, researcher for McAfee. "So how are people still being duped?" Masiello says. "You have to remember there are always new users coming on the 'Net -- parents, grandparents, and teenagers that have not necessarily been exposed to the new social engineering tactics available today."
One relatively new arrival on the spam scene is South America, with Venezuela, Argentina, and Columbia each cracking McAfee's top ten spamming countries list. "We might be seeing issues here like when Eastern Europe first starting coming online [with broadband] and we started seeing an uptick in spamming," McAfee's Masiello says.
And Russia's bot hosting activity has dropped significantly, he says, from 5.6 percent to 3 percent of the world's botnet hosting activities.
Cisco also saw a drop in Russian spam volume, from 3.7 trillion messages in 2008 to 2.3 trillion this year so far, says Henry Stern, senior security researcher for Cisco's IronPort team. Brazil leads the pack with 7.7 trillion spam messages, and the U.S. accounts for 6.6 trillion, down from 8.3 trillion last year.
"Spam is still growing significantly, but we've shown we can curb it a bit," Stern says. "We've seen the G-20 [countries] have between 20- to 40 percent less spam sent this year than last," which reflects how ISP's are making headway in fighting messaging abuse, he says.
Even so, with around 90 percent of mail designated as abusive today, the cost of blocking that malicious traffic is high for ISPs: "ISP's are stopping spam a lot at the front door using sophisticated techniques. But that involves significant cost" to them, says Michael O'Reirdan, chairman of MAAWG and distinguished engineer in national engineering and technical operations at a major U.S. ISP.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
Subscribe to RSSSecurity Services Reports
You've Got (Secure) Mail: Using Service Providers to Boost Protection
The SaaS market is still in its infancy, but hosted e-mail security firms are leading the way, thanks to ease of implementation and many obvious benefits. Still, these services are not without risks. In this Dark Reading Tech Center report, we'll discuss how to determine what mix of in-house and hosted email security makes sense for your organization.
Security Services Strategies For Small and Midsize Firms
Infosec managers in small and midsize enterprise often feel like an army of one, constantly pinching pennies. But the paradigm shift from expensive on-premises management to off-premises hosting is good news for you, because today more than ever, the small business has access to large-enterprise security technologies via the phenomenon of subscription-based licensing. In this report, you'll discover how you can use security services strategically to gain economies of scale -- and a really deep bench.
Security Software as a Service: Navigating the New MSSP Landscape
This Dark Reading Security Services Tech Center Report offers advice on how to cut through the hype and claims by SaaS security vendors to get the best fit for your business. It provides a detailed look at the most popular types of cloud-based data protection and gives a rundown on the top service providers vying for your dollars.
Making the Business Case: Security Outsourcing in Financial Services
When it comes to online security, the financial community is under siege. Between the troubled economy, the advent of more sophisticated attacks, and the growing number of threats inside and outside the organization, one thing is clear: financial services firms need help. In this report, we offer a look at the factors that are driving the financial industry toward security outsourcing - and how your institution can find the right provider.
Integrated Security Services: How To Choose The Right Provider Without Getting Burned
Providers ranging from Microsoft to Finallyfast.com offer everything from simple anti-malware, e-mail and content filtering services to sophisticated security applications, all in a single package. In this report, we discuss how to get the best "suite" for your business -- and your budget -- and what to beware of.
Making The Security Outsourcing Decision: A Reader's Guide
For years, enterprises resisted the idea of bringing a third party into their security strategies. Today, however, with security threats proliferating at alarming rates and economic pressures forcing major cutbacks, many companies are rethinking the security outsourcing decision. In this report, you'll learn about the wide variety of security services categories available on the market – their strengths and weaknesses, their costs, and what you should know before you make the outsourcing decision.
Security Services Newsfeed
- Verizon Business Helps Medium-Sized Businesses Combat Cyberthreats With New, Affordable Integrated Security Suite
- Trend Micro Expands its Hosted Security Service And Puts Focus On Channel-Success And Protecting Mobile Workers
- DataInherit Launches A Free High Security Online Password Safe
- McAfee Announces Quickstart Services For SMBs
- Wipro, Trend Micro Unite to Deliver Next-Generation Virtualization Security Solutions For Dynamic Datacenters
- VeriSign Identity Protection Mobile Application on Verizon Wireless Phones Makes Security More Accessible
