Skip to main content

U.S. Leads Spam, but China Leads Malware

Internet security firm Sophos has released its annual Security Threat Report (PDF, registration required), and finds that during 2006 the United States retained its title as the source of more spam than any other nation on earth, accounting for some 22 percent of the spam Sophos’ services intercepted during the year. However, China was an up-and-comer, accounting for 15.9 percent of the spam sent during the year, and South Korea made a heft contribution at 7.4 percent. Sophos also calculated some some 90 percent of all spam on the Internet during 2006 was distributed via so-called zombie computer: machined hijacked by worms and Trojan horse software and under the clandestine control of spammers, scam artists, or criminal enterprises.

But China distinguished itself in another way: computers in that populous nation were the source for more malware than any other nation on earth. Many experts see China retaining the top spot for some time to come, since the country’s population of Internet users is expected to outnumber those in the United States within the next two or three years. China had 137 million Internet users by the end of 2006, according to the China Daily, an increase of 23 percent over 2005; in comparison, the U.S. government estimated 210 million of the U.S. 300 million citizens use the Internet. If China maintains its current growth rate, the total number of Chinese Internet users may surpass that of the United States in 2009 or 2010.

Recommended Videos

According to IronPort Systems, some 25 percent of total spam volume in October 2006 was “image spam,” where the content of a spam message is embedded in a graphic image rather than presented as straight text or HTML which can be profiled and filtered by mail servers. That’s an increase of 421 percent over October 2005, where image spam accounted for just 2.8 percent of all spam.

Sophos predicts that 2007 will actually see a shift away from email-based security threats and worms, with online attackers increasingly looking to exploit “Web 2.0” capabilities via social networking sites, streaming media, and file sharing services. However, for the time being, scammers’ targets are likely to remain largely centered on the population of U.S. Internet users and users of popular online commerce and transaction services: some 75 percent of all phishing email messages sent during 2006 targeted PayPal or eBay users.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Nreal’s Air AR glasses head to the U.S., ready to rock with iPhones
Nreal Air AR glasses

Nreal is bringing its augmented reality (AR) glasses to the U.S., and this time the company is porting over all that immersive fun to the iOS ecosystem. The Nreal Air, which have been available in the U.K. since May, carry a price tag of $379 and will be available via Amazon and authorized retail outlets starting today.

The Nreal Air is a watered-down version of the Light AR glasses, but the package is still quite compelling for the asking price. Rocking a more consumer-friendly wayfarer design similar to Facebook’s Ray-Ban Stories, the Nreal Air feature an OLED display offering an effective resolution of 3840 x 1080, the same as the pricier Light version.

Read more
Hackers are using fake WordPress DDoS pages to launch malware
A digital depiction of a laptop being hacked by a hacker.

Hackers are pushing the distribution of dangerous malware via WordPress websites through bogus Cloudflare distributed denial of service (DDoS) protection pages, a new report has found.

As reported by PCMag and Bleeping Computer, websites based on the WordPress format are being hacked by threat actors, with NetSupport RAT and a password-stealing trojan (RaccoonStealer) being installed if victims fall for the trick.

Read more
U.S. federal court system cyberattack is worse than previously thought
A large monitor displaying a security hacking breach warning.

A cyberattack incident that involved the U.S. federal court system infrastructure has been proven to be an “incredibly significant and sophisticated” attack.

This statement is a stark difference from the one initially provided when the situation occurred in 2020.

Read more