Print 21 comment(s) - last by jonp.. on Dec 11 at 11:34 AM

"But Edward, don't you know the U.S. is running out of spam? Why before you know it, there might not be any left... Let's move to Brazil!"  (Source: The Logo Factory)
Spam originating in the U.S. drops over 20%

Chalk this one up to global warming, or perhaps some diligent federal prosecution efforts by the FBI -- spam originating in the U.S. is trending downward.  The move marks the first time in several years at least that the U.S. has relinquished the dubious distinction as being the king of spam.

Spam largely evolved in the U.S. in the mid 1990s, when it reached levels of mass annoyance.  Today it makes up 80 to 85 percent of the world's email.  A 2007 study by security firm Sophos showed spam to be alive and kicking in the U.S.  It found that 28.4 percent of spam comes from U.S. computers, followed by South Korea in distant second with 5.2 percent.

Now the tables have turned and the U.S. finds itself in second place.  According to security researchers at Cisco, spam originating in the U.S. actually decreased 20.3 percent this year to 6.6 trillion emails, down from the record 8.3 trillion emails a year before.  Brazil, which was fifth place in the 2007 study has jumped into first place with 7.7 trillion emails.  This is a pretty impressive gain, considering it only accounted for 2.7 trillion messages in 2008.

Cisco Fellow Patrick Peterson comments, "I'm not completely surprised to see U.S falling to number two in the spam stats, but I didn't expect it to happen yet.  I was really gratified to see the actual spam volume decrease, not just ranking, but we [also] decreased the amount of spam that is pouring out of the United States."

Spam these days is mostly an automated affair, originating from botnets of infected computers.  In the U.S. botnets in 2009 dipped, thanks in part to more informed consumers and free security products, such as Microsoft's security essentials.  Tighter security in Microsoft's Windows 7 also is playing a role in cutting spam.

Another pivotal factor is the shutdown of U.S. spam host McColo in 2008. 

While spam originating in the U.S. is falling, Mr. Peterson still fears that it may find a new home and flourish on social network.  He states, "The success and focus on social networking by attackers is also a surprise.  If you look at the time it took for criminals to evolve spam tools and Web-exploit tools, it was a three-year curve. I think that criminals in less than 12 months have developed the business models, ecosystem, and techniques to monetize this very quickly."

Most social network attacks at this point are limited to social engineering schemes and guessing at common passwords.  Still, the attacks are evidence of a growing new problem.  Their success, as is often the case, is largely owed to the poor security savvy of web users.  States Mr. Peterson, "At the end of the day the human is the weak link."

For now he advises users to switch to more complex passwords in order to safeguard their accounts and keep the spammers on the run.  He also suggests to avoid using the same password on different networks.  He describes, "I'm aware primarily of simple password attacks.  Right now that's such fertile ground that I haven't seen a lot of criminal focus or success around the other mechanisms."

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

By amanojaku on 12/9/2009 8:06:58 AM , Rating: 2
Momma, don't take my spam away!

I wonder just how much bandwidth spam takes up today? If +80% of email is spam (complete with attachments and such) what would the effect of "eliminating" spam be? Maybe ISPs should work together to find effective methods of filtering this stuff as a way of reclaiming bandwidth.

At a contract a few years ago I was able to cut bandwidth down by nearly 50% because I filtered unknown addresses from accessing port 25 in. The risk was loosing mail, until contacted by clients with their trusted sites lists, but it was better than doubling capacity at our expense.

By blowfish on 12/9/2009 8:24:56 AM , Rating: 1
My ISP uses port 25 blocking amongst other things, and we never get spam. Of course that doesn't mean the spam isn't being sent out, but at least it never gets thru to us.

Some legitimate email is also blocked, but I can usually find a way to get it thru - normally involving the sender using a hotmail or gmail account instead.

By contrast, with our previous ISP some years ago, there was the usual Viagra spam on a regular basis.

By SoulBlighter on 12/9/2009 8:53:35 AM , Rating: 2
Blocking of port 25 doesnt mean that your computer cant generate spam or your isp is spam free. And in many case many of the computer generating spam, the owners arent aware of the problem, thanks to worm and trojans.
The current spam folder or smap box has taken away the junk which in old day one has to remove manually, but isnt the solution of the problem. I believe tighten restrictions are required in order to enforce some kind of law to block pool of IPs generating spam from perticular ISP, resulting ISP to work on their networks and if necessary work with their clients to eliminate spam generating computers.

By muckymuck on 12/9/2009 9:47:29 PM , Rating: 2
Ya know, SPAM can be eliminated in one day!
All any of the mail service has to do is write a few lines of codes. The answer?


Google it if you don't know what it is.
I had a free webmail setup like yahoo, google etc. and never ever got a single SPAM in 8 months!
No one of the thousands who signed up with my system got one single spam. Ihave dismantled the system because am not in a business to continue this experiment.... just to prove a point.

It's purely idiotic that yahoo, google can't eliminate it.
Takes 15 minutes of codes and you're done.
I know, because I did it.
It's just pure BS that they can't eliminate SPAM.
Yes, they will send it, but if no one SEE it and REACT to spam, it will go away, because they make no money.

Yahoo will gladly sell you spam guard a year that's absulutely worthless!
It's all about money.
If am not mistaken one of the free mail server has "white list" and no one ever gets spam.

By jonp on 12/11/2009 11:34:28 AM , Rating: 2
couldn't ISPs provide different levels of outgoing emails by account to cut off becoming a spam source? it really seems that ISPs have all of the tools and resources to stop follow the money. they must gain some monetary advantage by allowing it.....hmmmm

By Motoman on 12/9/2009 10:47:47 AM , Rating: 2
That kind of port blocking from your ISP has nothing to do with whether or not you recieve is meant to help prevent you from generating spam.

By kkshoe1210 on 12/9/09, Rating: -1
"Can anyone tell me what MobileMe is supposed to do?... So why the f*** doesn't it do that?" -- Steve Jobs

Copyright 2015 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki