Google: Botnet Takedowns Not Reducing Spam Levels

The battle against spam seems like it will never end, and in recent months security professionals and government agencies have shifted their efforts from taking down spam-friendly ISPs like McCoLo and 3FN to actions against specific botnet networks like ZeuS and Waledac. While these actions at least keep the bad guys on their toes and chalk up some victories for Internet users everywhere, Google says they don’t really seem to be having much of an impact on overall levels of spam. In a post to its enterprise blog, Google says that while the volume of spam it measures dropped 12 percent from the fourth quarter of 2009 to the first quarter of 2010, the first quarter of 2010 still saw 6 percent more spam than the first quarter of 2009. In other words, despite the recent takedowns, the longer trend is still towards more and more spam.

“This suggests that there’s no shortage of botnets out there for spammers to use,” Google’s Gopal Shah wrote. “If one botnet goes offline, spammers simply buy, rent, or deploy another, making it difficult for the anti-spam community to make significant inroads in the fight against spam with individual botnet takedowns.”

Google is basing its report on security and antispam services managed under Postini, which Google acquired back in 2007 for some $625 million. Postini provides domain-level spam filtering services, as well as antispam technologies for Google’s broader collection of services like Google Apps.

google botnet takedowns not reducing spam levels postini size trends april 2010

Google also noted that spammers seem to be reverting back to image-based spam in recent weeks, in an effort to get around text-based filters that make a decision on whether an image is spam or not on the basis of the message content, rather than the content of attachments like images (which are notoriously hard to identify as spam or not-spam via automation). The result is a net increase in the size of individual spam messages, meaning they’re taking more bandwidth and storage per message…and costing ISPs and telecommunications operators more money to store and transfer.

Editors' Recommendations