Computer security firm Sophos has released its list of the “dirty dozen” countries that are the original points for the email spam that clogs our inboxes and brings our mail services to their knees. And while many countries have reputations as being havens for spammers and cybercriminals, guess what? Sophos says the United States is by far the top spam-sending nation on the planet—and its lead is growing.
According to Sophos, some 18.83 percent of all spam during the fourth quarter of 2010—that’s nearly one in five spam messages—originated in the United States. The figure is an increase compared to 18.6 percent during the third quarter of 2010, and represents almost three times as many spam messages as the number-two spam sending nation, India, which accounted for 6.88 percent of the world’s spam in the fourth quarter of 2010. The United Kingdom manages to see a decline in the amount of spam it generated—down from 5 percent to 4.54 percent of the world’s spam.
Sophos notes that the nature of spam is shifting: although a good deal of spam is still advertisements for a variety of dubious enterprises, many spam messages are intended to lure users to Web pages where malicious software will try to install itself onto users’ computers, or that will prey upon user fears of security compromises to induce a purchase.
“Spam is certainly here to stay, however the motivations and the methods are continuing to change in order to reap the greatest rewards for the spammers,” said Sophos senior technology consultant Graham Cluley. “What’s becoming even more prevalent is the mailing of links to poisoned Web pages—victims are tricked into clicking a link in an email, and then led to a site that attacks their computer with exploits or attempts to implant fake anti-virus software.”
In addition, more messages are attempting to phish for information like names, passwords, and account details, and more spam is engaging in “spearphishing”—email attacks customized and targeted at particular users, personalized with names, email addresses, and other information in an effort to make the messages seem more legitimate.
Oh, and remember a week ago when global spam levels suddenly declined, owing in part to a strange and sudden silence from the Rustock botnet? It was short-lived. According to MessageLabs, Rustock is awake again. So much for everyone’s spam-free holiday.
