On January 24, 2004 at the World Economic Forum in Davos, Switzerland, Bill Gates declared that spam would be 'a thing of the past' within two years. However, with the prophecy's five-year anniversary approaching, experts at SophosLabs have revealed that the latest figures for Q4 2008 indicate that spam is still causing problems for computer users and assuming more guises than ever before. Furthermore, more spam is malicious and often designed to infect users' computers via sophisticated malware attachments or a link to malicious or infected websites, in order to steal sensitive information.
"The rumors of spam's death have been greatly exaggerated over the years - the threat remains alive and kicking despite increased legal action against spammers, the occasional takedown of Internet companies which assist the cybercriminals, and constantly improving anti-spam software," said Graham Cluley, senior technology consultant at Sophos. "Many IT professionals cast doubt on Bill Gates' assertion back in 2004, deeming the timeframe of his pledge to be unrealistic. Although the latest stats show that the proportion of spam relayed per country may have decreased year-on-year, spammers have turned to more creative - not to mention devious - methods to ensure their messages reach as many unsuspecting computer users as possible."
NEW AVENUES OF SPAM ATTACK
Cybercriminals have shown an increased attraction to social networking sites like Facebook and Twitter during this last quarter, indicating that spammers are successfully adapting their methods to suit the current environment. These sites have become part of many computer users' daily routine - whether it's logging on to see what their friends are up to, viewing photos, or updating their status, masses of personal information are updated every minute. Such frequent use makes social networking sites a prime target for spammers and malware authors who typically attempt to break into innocent users' accounts and take advantage of trusted social networks to send spam and malware.
For example, in November, Sophos reported that Facebook had won an $873 million judgment against a Canadian man who bombarded millions of Facebook members with unsolicited spam messages. The spammer tricked users into revealing their passwords and usernames, and then used the information to gain access to their personal profiles. Facebook claimed that the man then sent out more than four million messages promoting products from marijuana to sexual enhancement drugs.
"Spammers really took to using sites like Facebook and Twitter as a vehicle for their spam antics during the last three months of 2008," continued Cluley. "Cybercriminals have cottoned onto the fact that social networking users can be more easily fooled into clicking on a link that appears to have come from a trusted Facebook friend, than if it arrived as an unsolicited email in their inbox. The notorious Nigerian 419 scammers have even evolved, masquerading as Facebook friends in order to trick unwary users into parting with valuable sensitive and financial information. Ultimately, while users are still falling for these scams, the fraudsters will continue. And while the authorities are making great progress, everyone must take steps to ensure they don't fall victim."
UNITED STATES RETAINS ITS CROWN AS SPAM KING
Between October and December 2008, the United States relayed most of the world's unwanted emails. China has leapt back into second place, relaying a larger proportion of spam than it did in 2004, and Russia retains third position. In contrast, other nations like Canada, Japan and France - serial offenders five years ago - appear to have made progress and are no longer present in the list of spam reprobates.
"Although there's no denying that some countries have significantly reduced their contribution to the spam epidemic over the past five years, the United States still holds the crown," said Cluley. "Though its spam contribution has significantly decreased since Bill Gates' proclamation - falling from almost half of all spam relayed at the end of 2004, to 21.3 percent by the end of 2007, and now resting at 19.8 percent - this shows there's certainly no quick fix."
Sophos identified the top twelve countries responsible for relaying spam across the globe between October-December 2008: