Global spam levels…in decline?

Spam in mailbox

A funny thing happened over the end-of-year 2010 holiday season: levels of spam email on the Internet declined precipitously, with Symantec’s MessageLabs reporting that levels have dropped to the lowest point since the shutdown of spam-friendly ISP McColo back in 2008. And while the decline seems to be attributable to three major botnets shutting down…nobody knows why those botnets might have gone quiet.

“At present we don’t know why these botnets have stopped spamming, perhaps the botnet herders have decided they need a holiday too?” wrote Symantec’s Paul Wood. “Whilst this is an excellent gift over the holiday season for anyone who regularly uses email, we would not expect the level of spam to stay this low for long.”

Although major botnets like Cutwail and Gheg continue to churn out millions of unwanted messages, antispam authorities are attributing the drop in spam levels to a seeming near-total shutdown of the Rustock botnet, one of the most prolific spam-generators of 2010. Rustock seems to have gone quiet on December 25, 2010, with spam levels from Rustock bots accounting for less than one half of one percent of all spam worldwide, Two other major botnets, Lethic and Xarvester, also went quiet on December 28 and December 31, respectively.

Although antispam takedowns and enforcement actions are becoming more common around the world, there’s no evidence law enforcement has had any role in these three major botnets going dark. Similarly, there’s no real evidence that spam is becoming any less lucrative for spammers: although very, very few Internet users fall prey to too-good-to-be-true online offers, it only takes a couple clicks for every million messages for spammers to make money. Although spammers and other cybercriminals have started turning their attention to social media platforms like Twitter and Facebook, most industry watchers expect spam to return to previous levels (or even higher levels) in short order: if Rustock, Lethic, and Xarvester don’t come back, other botnets will likely step into their former turf.

Editors' Recommendations