Sophos: Asia Leads Spam Relay

More spam is relayed through Asia than any other continent—a sharp difference from the situation two years ago, when the United States accounted for more than half of all spam sent to the world.

According to a Sophos report on the top 12 spam-relaying countries for the first quarter of 2006, Asia has taken over the top spot (42.8 percent) for spam relaying as a continent, in front of North America and Europe at 25.6 percent and 25 percent, respectively.

The United States, however, remains the country relaying the most spam, although it now accounts for less than a quarter. China is fast narrowing the gap as the United States continues to make good progress in its efforts to reduce spam-relaying statistics.

“Asia’s spam-relaying numbers is growing because of its growing economy [spam being a tool for marketing] and broadband becoming more widely available,” said Dr. Jan Hruska, cofounder of Sophos.

Graham Cluley, senior technology consultant for Sophos, also pointed out that more and more viruses, worms and Trojan horses are being designed to take over innocent users’ computers with the intention of stealing information and sending out junk e-mail campaigns. In the United States, however, the fall in proportion of spam being relayed through the country is evidence that more Americans are waking up to the need to protect their home computers from malicious hackers, he said.

Helped by legislation such as Can-Spam and greater information sharing by ISPs, the United States has imposed severe penalties and fines for its most prolific spammers. During the first quarter of 2006, several gang members responsible for distributing massive quantities of pornography admitted their involvement in a criminal spam ring.

“The recent high-profile convictions of some spammers served as a warning to the others, and have helped to reduce the percentage of spam from the U.S.,” said Hruska. According to Hruska, one in 40 e-mails contains a virus, and one in two e-mails is spam. The Internet has become an infectious network. “If you connect a PC running on Windows XP, without any patches or antivirus software, to the Internet, and left it alone without doing anything, it has a 94 percent chance to get infected in 60 minutes, and 40 percent chance to get infected in 10 minutes,” he said.

“It has become a US$3 billion market for spammers, and with the money, they are recruiting professionals to write better quality hijack codes and viruses, and not using amateurs like before.”

Hruska advised computer users to have at least the following three measures to protect themselves from being zombie computers: Ensure the latest patches are updated for the operating system; use a firewall (even if it is just the built-in Windows firewall); and use anti-virus and anti-spam software.

Check out Sophos’ website.

-Kenneth Liew, Computerworld Singapore

Keep checking in at our CSO Security Feed page for updated news coverage.