Print 40 comment(s) - last by Cullinaire.. on Nov 20 at 1:20 AM

Day-to-day levels of image spam in September and October 2006
It's like the FBI's most wanted list for spam

Spamhaus, an international non-profit organization whose mission is to track the Internet's Spam Gangs, has released list of the top 10 spam offenders of the year.


Of all Internet Service Providers (ISP) in the world, Verizon Business is the number one offender on the list with almost triple the number of current known spam issues as its competitor SBC Communications.


Given that the most spammy ISPs are American, then it should come as no surprise that the United States leads all other countries with 1,983 current known spam issues. The next country in line is China with 304 known issues.


The worst spammers, however, are a different geographic picture, with the top (dis)honor going to Alex Blood of the Ukraine. Out of the top 10 spammers list, more than half were from Eastern Europe. The U.S. made the list twice at spots third and tenth.


Sophos, another company specializing in IT security, has published its own report on the top 12 spam relaying countries over the third quarter of 2006. Sophos’ results differ slightly from those of Spamhaus’, though the leading nations of the United States and China maintain their spots in both.


The United States relays 21.6 percent of the world’s spam, with China at 13.4 percent. The next two closest countries are France and South Korea, both at a comparatively lower 6.3 percent.


"Most unsolicited emails are now sent from zombie PCs - computers infected with Trojans, worms and viruses that turn them into spam-spewing bots. In the past hackers were very reliant on operating system vulnerabilities to convert an innocent computer into a zombie - now they are turning back to malware to trick users into running their malicious code, and opening the backdoor to hackers," said Carole Theriault, senior security consultant at Sophos. "Hundreds of new versions of the Stratio worm have helped steadily increase the volume of spam seen traveling across the net."


Embedding images is the latest tactic employed by spammers, and accounts for nearly 40% of all spam. Since many spam filters work by analyzing text, images have a greater chance of passing through undetected. Animated gifs also pose additional challenges for spam filters with its multiple layers of images.


Spammers are turning to new tricks in order to acquire email addresses. According to the Sophos report, the first asks recipients to forward their chain emails for a fake research project, while another campaign encourages users to visit a video tribute website, which then requests their email address in order to view the full video.


"Integrated anti-malware and anti-spam protection is getting the better of illegal spam peddlers - forcing them to get more creative and crooked. However, if people are playing their security cards right, the spammers' efforts will still be in vain," continued Theriault. "What's most surprising is that those behind these intrusive emails continue to take their chances, despite hefty fines and sentences being dealt out to guilty spammers around the world."

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Topic of Discusion
By EarthsDM on 11/17/2006 7:53:28 AM , Rating: 4
Are spammers human? Should they be burned alive, or is that too humane? Discuss.

RE: Topic of Discusion
By marvdmartian on 11/17/2006 9:25:47 AM , Rating: 1
We could label them terrorists, then have a team of Navy Seals go wipe the floor with them! ;)

Honestly, I wouldn't mind seeing some mega-spammer executed. Might make the others think about just how badly they want to pollute the internet with their garbage! Just think about it.....they're talking about "net neutrality", and it's all because the isp's can't keep up with the demand for bandwidth from some sites. Now consider that all bandwidth-wasting spam is much more bandwidth would that offer to everyone??

RE: Topic of Discusion
By djcameron on 11/17/2006 10:15:24 AM , Rating: 2
I'd like to see them burn the snail-mail spammers at the stake, too. I get the same stupid credit card and mortgage offers day after day. It's annoying and tedious to have to sort through the crap and shed stuff every day.

RE: Topic of Discusion
By cscpianoman on 11/17/2006 11:03:37 AM , Rating: 3
You do know you can opt-out by calling 1-888-5-OPT-OUT, right? They have an option for permanent removal or for five years.

RE: Topic of Discusion
By Christopher1 on 11/17/2006 11:45:54 AM , Rating: 3
Doesn't work. I've tried that myself numerous times, and it just doesn't work, because as soon as you even go to a site that offers credit cards....... BOOOM! Prior connection, so they can spam through regular mail all they want.

RE: Topic of Discusion
By CSMR on 11/17/2006 12:03:37 PM , Rating: 4
It's USPS that is at fault in the US. They give no option not to deliver spam mail. You cannot opt not to receive mail to "the occupant". There needs to be some regulation of the postal services, since a general boycott is not feasable. You don't get junk mail in the UK. You just tell the royal mail you don't want it.

RE: Topic of Discusion
By frobizzle on 11/19/2006 9:43:13 AM , Rating: 2
Why would the USPS want to offer an opt out option? Bulk rate mail (AKA "Junk" or "Spam" mail) is the single biggest money maker for the Postal Service.

RE: Topic of Discusion
By jmunjr on 11/17/06, Rating: 0
RE: Topic of Discusion
By Etsp on 11/17/2006 9:58:30 PM , Rating: 3
you should specify that you were playing a video game... otherwise it might mislead some people...

RE: Topic of Discusion
By Cullinaire on 11/20/2006 1:20:24 AM , Rating: 3
Silly people, you know he meant Seals as in the animals.

With flippers.

Ork Ork

RE: Topic of Discusion
By DigitalFreak on 11/17/06, Rating: 0
RE: Topic of Discusion
By The Sword 88 on 11/17/06, Rating: 0
RE: Topic of Discusion
By CascadingDarkness on 11/17/2006 3:25:23 PM , Rating: 2
I second this. Deleting a bunch of unwanted emails isn't too bad. It's the malware/zombies that get me angry. At the company I work at we need to clean 2-3 a week because people don't listen and d/l icons/toolbars/postcards... I don't blame them too much because their like children when it comes to technology, but hundreds of man hours a year are wasted due to this spamming/spyware junk.

RE: Topic of Discusion
By timmiser on 11/19/2006 12:26:01 AM , Rating: 2
Well then why don't you have your company make their own little company sponsored smiling happy laughing giggling icons so that your employees don't have to go and download them from some poor sources! :)

RE: Topic of Discusion
By Crassus on 11/17/2006 5:53:35 PM , Rating: 2
Spam's not that bad. Just dont open and then delete weird emails. Now using malware to make someone else's computer send spam that's pretty bad.

Guess you're not one of the people who get about 10 useful emails and 500 Spam mails per account, per day, with multiple accounts? Having to wade through those, making sure not to loose one of the good ones? Do you know how much of otherwise productive time that wastes?

RE: Topic of Discusion
By Etsp on 11/17/2006 9:59:25 PM , Rating: 2
You really need a better spam filter...

RE: Topic of Discusion
By AxemanFU on 11/17/2006 10:42:41 AM , Rating: 2
It's mostly a LOT of stupid Americans with piss poor system protection and security, or none at all, that are partly to blame for all of the bot farms spamming the rest of us. That's why the US is in first place for sending spam. We also have enough idiots that open them that there is a market that makes it profitable. Email is sure to get abandoned altogether within a few years for IM type apps, but I'm sure those will be the next to be spammed.

Still, ultimately, the blame goes on the greedy schmucks that send all this unsolicited crap out to the world every day and make rading legitimate email a misery. I think the proper scentence would be to be hung by their scrotii from a tree for one minute per spam mail they sent, but I don't think that that's quite legal unfortunately. It would be justice though.

RE: Topic of Discusion
By CSMR on 11/17/2006 12:10:42 PM , Rating: 2
Also blame whoever is protecting them. Spammers walk free and openly in the US. Who is protecting them? The Supreme court and its free speech interpretations? Incompetent politicians? US computer users are not more stupid than others around the world; that is not the difference.

RE: Topic of Discusion
By akugami on 11/17/2006 3:38:56 PM , Rating: 2
If the US (and other) governments truly wanted to eliminate spam, all they need to do is hit the source of the money. John's House of Mortgages is the company that is in a spam saying they are offering low interest mortgages? John says he's not the one sending the spam? Doesn't matter. Fine him anyways for each damn email. While I believe him when he says he's not the one sending the spam, he's lying when he says he doesn't know who the one spamming for him is. After all, the spammer has to be paid by someone (likely a referral fee) and that someone is John.

You do something like this and John will either have to go legit and not hire people who spam to advertise for him or he will go broke from constant fines. Of course, he's likely to go broke anyways because he likely depends on morons reading the spam to get most of his business.

Either way, we're all happy, except the spammer and the guy hiring the spammer and the ISP hosting the spammer. We get less spam, our ISP has to use less resources (which cost money) to store and receive spam, the internet doesn't get bogged down by spam.

RE: Topic of Discusion
By stmok on 11/17/2006 12:21:06 PM , Rating: 2
Death is too humane for spammers. The Navy SEAL (or any other Special Forces approach) is too quick and painless.

There must be pain...Servere pain on a new level.

May I suggest a lifetime of genital torture as punishment? :)

RE: Topic of Discusion
By CascadingDarkness on 11/17/2006 3:26:32 PM , Rating: 2
If your willing to be the torturer...

RE: Topic of Discusion
By Souka on 11/17/2006 12:29:25 PM , Rating: 1
easy to stop spam.

Charge $.05 per message... if ya try to bypass the charge, you'll be invaded by the US.

RE: Topic of Discusion
By Crassus on 11/17/2006 5:56:06 PM , Rating: 2
And who should invade the no. 1 spamming nation?

RE: Topic of Discusion
By Etsp on 11/17/2006 10:00:42 PM , Rating: 2
Nukes...probably... >.<

RE: Topic of Discusion
By timmiser on 11/19/2006 12:28:52 AM , Rating: 2
I've got a better idea. Let's just blow up

There goes 80% of spam right there.

RE: Topic of Discusion
By GhandiInstinct on 11/17/2006 4:42:29 PM , Rating: 1
We should spam their blood with harmful toxins that will slowly degenerate their blood flow and make their skin acidic.

RE: Topic of Discusion
By xsilver on 11/18/2006 6:47:34 AM , Rating: 2
this spammer looks pretty human to me
but it doesnt mean he shouldnt be burned alive ;)
funny as hell too.

Pretty exact...
By Chillin1248 on 11/17/2006 8:03:56 AM , Rating: 4
I am wondering how they managed to track the number one spammer in the world not only to his location but his name even, I would figure someone like that would stay low.

But it is a pretty big shock to see how high the U.S. ranks on the spam lists, I would have honestly figured Europe to be #1.

Anyone seen any of the image spam mails yet? Also can you contain a dangerous code inside a image or is that too far-fetched?

Anyway Gmail and smart opening of mail is keeping me pretty safe and even spam free, I just opened up my old AOL account for the first time in nearly a year and I was shocked by how much spam I had in there.... Easily hundreds. My mothers AOL account is even worse off, she's old and doesn't know better; opening every single mail except those that pretty much scream, "VIAGRA SPAM". Poor women gets easily over 50 items of spam per day and I think upwards of a hundred. No amount of advice I give her or how I fool around with AOL does any good really, at this point I am pressuring her to just open a new account. Yahoo gets more spam for me than Gmail, but again not critical.


RE: Pretty exact...
By sviola on 11/17/2006 8:29:26 AM , Rating: 2
Yeah, gmail has a great SPAM filter. :)

RE: Pretty exact...
By killerroach on 11/17/2006 10:33:13 AM , Rating: 2
But it is a pretty big shock to see how high the U.S. ranks on the spam lists, I would have honestly figured Europe to be #1.

Again, it's also an issue with how "spam issues" are defined. In terms of overall spam traffic, though, if you were to take the Eurozone as a whole, it would probably surpass the US in spam levels, although, granted, that's with more overall users. You also have to keep in mind that some of these Russian spammers are using zombie machines in the US, which would increase the number of spam issues Stateside, not in Mother Russia.

RE: Pretty exact...
By Hoser McMoose on 11/17/2006 5:19:11 PM , Rating: 2
Also can you contain a dangerous code inside a image or is that too far-fetched?

A few years ago I would have laughed and said it was too far fetched, but history has proven otherwise. There have already been at least a couple of remote-exploit vulnerabilities that made use of bugs in how images were displayed. The first one was really scary because along with using this exploit a malicious hacker also hijacked a banner-ad site and loaded these exploit images there. As such, just visiting a fairly benign site (I beleive was hit, among others) could result in your system being hacked. Not nice at all!

What's probably a more common concern is tracking images. These are really just bits of HTML code which request a specific "image" file, but the file name or some extension are just used to specifically track a particular e-mail. The idea is that by opening your e-mail and having it display this "image", it will send a unique reply back to the spammer letting them know that your e-mail is active and you open spam messages.

As for spam filtering, fortunately it's getting pretty good. I'm using Yahoo and I get about 10-20 spam messages as day, but probably about 99% of them get filtered. The bigger worry for me is always false positives. In my mind a spam filter is complete pointless if you still have to go through your Junk Mail folder manually and check for false positives, so I would MUCH rather a slightly lower detection rate while being able to silently delete the obvious spam. Early on Yahoo was bad for false positives, but they've gotten a LOT better. I am still a bit concerned though, so I have auto-delete turned off for the moment. If I don't see any false positives before the end of the year I'll probably consider it safe to turn auto-delete back on.

Spammers need to DIAF
By MikeO on 11/17/2006 9:41:44 AM , Rating: 3
"The Top 10 Worst Spam Offenders Severely Injured In A Horrible Car Crash."

Sigh, one can always hope. Where's bad karma when you need it?

RE: Spammers need to DIAF
By RandomFool on 11/17/2006 9:44:34 AM , Rating: 2
That reminds me I missed My Name is Earl last night...

Why is it so difficult to stop?
By jaybuffet on 11/17/2006 1:13:16 PM , Rating: 2
since Verizon business is number one, i could assume it's because crappy system administrators or the lack of administrators in business networks not maintaining the security on their machines.

I don't understand why it's so difficult to stop SPAM. Why doesn't TEOS, Caller ID, SPF, or DomainKey's stop this? Is it because email administrators are too lazy or are these methods ineffective?

RE: Why is it so difficult to stop?
By falk on 11/17/2006 3:21:17 PM , Rating: 2
Verizon Business used to be known as UUNet. The senior management team at UUNet is aggressivly pro-spam, having even made legal threats against anti-spam web pages on more than one occasion. As far as I know, UUNet has never met a spammer it didn't like.

I had hoped that being acquired by Verizon, which previously had a good record, would help to rein them in, but so far it's been business as usual.

extreme reactions
By Gooberslot on 11/17/2006 9:22:16 PM , Rating: 2
I know spam is annoying but I seriously hope all these people advocating death and torture aren't serious.

RE: extreme reactions
By Etsp on 11/17/2006 10:06:06 PM , Rating: 2
well, think about scale. These people are responsible for causing a good amount of pain and annoyance to MILLIONS of people. sure, annoyance isnt exactly torture, but, annoyance times a few million? It adds up, and even though it isnt legally correct, death and torture would be fitting ways of getting "an eye for an eye" with the comparison of how much pain (headaches) they do cause.

A little harsh
By ajfink on 11/17/2006 11:43:15 AM , Rating: 2
I think death is a little harsh. I would very much like to personally beat them bloody, then watch them rot in jail for ten or fifteen years.

The nice thing about spam
By zsouthboy on 11/17/2006 11:46:22 AM , Rating: 2
Is that we all have to ask "Did you get that email I sent you the other day?"

Maybe it got there, maybe it didn't. Maybe it got filtered because I made a vIA5ra joke. Who knows.

By crystal clear on 11/18/2006 2:05:29 AM , Rating: 2
Read this-

"'The company also found that spam surges are almost always tied to malware outbreaks. "A few weeks after a virus outbreak we see a big up tick in spam," he said.

The overall nature of spam has also changed, he said. Spam used to be the product of annoying but relatively harmless marketers. Now it's being produced by organised criminal operations.

"The economics are clearly in favor of the bad guys because it costs nothing to make a virus and spam run. But for businesses it's very costly," Druker said. "Spam isn't just clogging email servers. It's coming embedded with malicious links that can be used to infect the network. Phishing and other fraud is a huge factor -- spamming out URLS that could be used to steal your personal data or infect your machine."

Sophos Senior Technology Consultant Graham Cluley agreed with that assessment.


"If you can find a PS3 anywhere in North America that's been on shelves for more than five minutes, I'll give you 1,200 bucks for it." -- SCEA President Jack Tretton

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki