Skip to main content

U.S. Leads Spam, but China Leads Malware

Internet security firm Sophos has released its annual Security Threat Report (PDF, registration required), and finds that during 2006 the United States retained its title as the source of more spam than any other nation on earth, accounting for some 22 percent of the spam Sophos’ services intercepted during the year. However, China was an up-and-comer, accounting for 15.9 percent of the spam sent during the year, and South Korea made a heft contribution at 7.4 percent. Sophos also calculated some some 90 percent of all spam on the Internet during 2006 was distributed via so-called zombie computer: machined hijacked by worms and Trojan horse software and under the clandestine control of spammers, scam artists, or criminal enterprises.

But China distinguished itself in another way: computers in that populous nation were the source for more malware than any other nation on earth. Many experts see China retaining the top spot for some time to come, since the country’s population of Internet users is expected to outnumber those in the United States within the next two or three years. China had 137 million Internet users by the end of 2006, according to the China Daily, an increase of 23 percent over 2005; in comparison, the U.S. government estimated 210 million of the U.S. 300 million citizens use the Internet. If China maintains its current growth rate, the total number of Chinese Internet users may surpass that of the United States in 2009 or 2010.

According to IronPort Systems, some 25 percent of total spam volume in October 2006 was “image spam,” where the content of a spam message is embedded in a graphic image rather than presented as straight text or HTML which can be profiled and filtered by mail servers. That’s an increase of 421 percent over October 2005, where image spam accounted for just 2.8 percent of all spam.

Sophos predicts that 2007 will actually see a shift away from email-based security threats and worms, with online attackers increasingly looking to exploit “Web 2.0” capabilities via social networking sites, streaming media, and file sharing services. However, for the time being, scammers’ targets are likely to remain largely centered on the population of U.S. Internet users and users of popular online commerce and transaction services: some 75 percent of all phishing email messages sent during 2006 targeted PayPal or eBay users.

Editors' Recommendations