informa
/
Risk
News

China Missing From Top Spammers List

The majority of spam produced globally comes from the United States, followed by India and Brazil. China isn't in the top 15, says a Sophos report.
The United States is rising, and China on the decline.

Economic forecasts? Hardly. Those results come from a new report into the top spam-relaying countries worldwide, released by antivirus vendor Sophos.

The majority of spam -- accounting for more than 13% of spam produced globally -- comes from the United States, followed by India (7.3%), Brazil (6.8%), South Korea (4.8%), Vietnam (3.4%) and Germany (3.2%). Other countries in the top 15 include France, Italy, Poland, Romania, Russia and the United Kingdom.

"All eyes aren't so much on which countries are on the list, but the one which isn't," said Graham Cluley, senior technology consultant at Sophos, in a statement. China, of course, was in the news earlier this year after Google reported that it had discovered "a highly sophisticated and targeted attack" against its servers, which the company traced back to IP addresses in China. "At least in the last 12 months, [China] can demonstrate that the proportion of spam relayed by [its] computers has steadily reduced."

The Sophos results square with a recent report from Symantec, which estimated that 24% of all spam worldwide originated from the United States. The rest of the "top five" producers, in order, were Brazil, the Netherlands, India, and Germany.

On the upside, Symantec did find that that while spam subject lines in 2008 and 2009 tended to riff on fears of the recession, subject lines in 2010 are playing more to the economic recovery via -- admittedly, fraudulent -- job offers.

Indeed, according to Sophos, spam accounts for 97 percent of all email received by servers, which strains enterprise and telecommunications infrastructure. Furthermore, spam often carries malware attachments or links to malicious websites that can exploit vulnerabilities in a PC to impress it into a botnet. Thus continues the spam "cycle of life," with attackers using groups of exploited -- aka zombie -- PCs to launch even more spam, as well as more outright attacks of the variety experienced by Google.

Spam is more than a simple crime of ones and zeros. Last month antivirus vendor McAfee released a "Carbon Footprint of Spam" study which found that transmitting, processing and filtering spam consumes 33 billion kilowatt-hours every year -- equivalent to the electricity required to power 2.4 million homes.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5