Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/22/2009
12:08 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Sophos Releases Latest "Dirty Dozen" Spam Report

Five years on, spam continues to plague users, as United States ends another year at the top of the Dirty Dozen spam-relaying league

BOSTON - January 22, 2009 - IT security and control firm Sophos has published its report on the latest trends in spam, and revealed the top twelve spam-relaying countries for the final quarter of 2008. The investigation reveals that, five years after Bill Gates predicted spam would be eradicated, it remains a major problem for computer users as spammers veer away from traditional techniques and get creative - with no end in sight.

On January 24, 2004 at the World Economic Forum in Davos, Switzerland, Bill Gates declared that spam would be 'a thing of the past' within two years. However, with the prophecy's five-year anniversary approaching, experts at SophosLabs have revealed that the latest figures for Q4 2008 indicate that spam is still causing problems for computer users and assuming more guises than ever before. Furthermore, more spam is malicious and often designed to infect users' computers via sophisticated malware attachments or a link to malicious or infected websites, in order to steal sensitive information.

"The rumors of spam's death have been greatly exaggerated over the years - the threat remains alive and kicking despite increased legal action against spammers, the occasional takedown of Internet companies which assist the cybercriminals, and constantly improving anti-spam software," said Graham Cluley, senior technology consultant at Sophos. "Many IT professionals cast doubt on Bill Gates' assertion back in 2004, deeming the timeframe of his pledge to be unrealistic. Although the latest stats show that the proportion of spam relayed per country may have decreased year-on-year, spammers have turned to more creative - not to mention devious - methods to ensure their messages reach as many unsuspecting computer users as possible."

NEW AVENUES OF SPAM ATTACK

Cybercriminals have shown an increased attraction to social networking sites like Facebook and Twitter during this last quarter, indicating that spammers are successfully adapting their methods to suit the current environment. These sites have become part of many computer users' daily routine - whether it's logging on to see what their friends are up to, viewing photos, or updating their status, masses of personal information are updated every minute. Such frequent use makes social networking sites a prime target for spammers and malware authors who typically attempt to break into innocent users' accounts and take advantage of trusted social networks to send spam and malware.

For example, in November, Sophos reported that Facebook had won an $873 million judgment against a Canadian man who bombarded millions of Facebook members with unsolicited spam messages. The spammer tricked users into revealing their passwords and usernames, and then used the information to gain access to their personal profiles. Facebook claimed that the man then sent out more than four million messages promoting products from marijuana to sexual enhancement drugs.

"Spammers really took to using sites like Facebook and Twitter as a vehicle for their spam antics during the last three months of 2008," continued Cluley. "Cybercriminals have cottoned onto the fact that social networking users can be more easily fooled into clicking on a link that appears to have come from a trusted Facebook friend, than if it arrived as an unsolicited email in their inbox. The notorious Nigerian 419 scammers have even evolved, masquerading as Facebook friends in order to trick unwary users into parting with valuable sensitive and financial information. Ultimately, while users are still falling for these scams, the fraudsters will continue. And while the authorities are making great progress, everyone must take steps to ensure they don't fall victim."

UNITED STATES RETAINS ITS CROWN AS SPAM KING

Between October and December 2008, the United States relayed most of the world's unwanted emails. China has leapt back into second place, relaying a larger proportion of spam than it did in 2004, and Russia retains third position. In contrast, other nations like Canada, Japan and France - serial offenders five years ago - appear to have made progress and are no longer present in the list of spam reprobates.

"Although there's no denying that some countries have significantly reduced their contribution to the spam epidemic over the past five years, the United States still holds the crown," said Cluley. "Though its spam contribution has significantly decreased since Bill Gates' proclamation - falling from almost half of all spam relayed at the end of 2004, to 21.3 percent by the end of 2007, and now resting at 19.8 percent - this shows there's certainly no quick fix."

Sophos identified the top twelve countries responsible for relaying spam across the globe between October-December 2008:

1. United States 19.8% 2. China (incl. HK) 9.9% 3. Russia 6.4% 4. Brazil 6.3% 5. Turkey 4.4% 6. South Korea 4.1% 7. India 3.6% 8. Italy 3.0% 9. Spain 2.9% 10. United Kingdom 2.7% 11. Germany 2.4% 12. Argentina 2.1% Other 32.4%

SPAM RELAYED BY CONTINENT, OCTOBER-DECEMBER 2008

Asia continues to deliver over one third of all spam, and when combined with Europe, the two continents relay almost two thirds of the world's unwanted emails.

1. Asia 37.8% 2. North America 23.6% 3. Europe 23.4% 4. South America 12.9% 5. Africa 1.4% Other 0.9%

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against viruses and spam.

About Sophos Sophos provides solutions that enable enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control and endpoint solutions simplify security to provide an integrated defense against malware, spyware, intrusions, unwanted applications and policy abuse. Sophos complements these solutions with innovative email and web security products that filter traffic for security threats, spam and policy infringements.

With over 20 years of experience, Sophos's reliably engineered security solutions and services protect more than 100 million users in over 140 countries. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Oxford, UK and Boston, U.S. More information is available at www.sophos.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18629
PUBLISHED: 2021-03-04
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a com...
CVE-2019-18628
PUBLISHED: 2021-03-04
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information dis...
CVE-2021-21331
PUBLISHED: 2021-03-03
The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive info...
CVE-2021-27940
PUBLISHED: 2021-03-03
resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter.
CVE-2021-21312
PUBLISHED: 2021-03-03
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/documen...