• United States



Latest ‘Dirty Dozen’ Spam Sending Countries Revealed

Feb 02, 20063 mins
CSO and CISOData and Information Security

The U.S. still tops the list of the top 12 spam relaying countries, according to a report by Sophos, a provider of integrated threat management products. However, the US has made significant reductions and for the first time accounts for less than a quarter of all spam.

Australia is 23rd on the list and New Zealand is so far down the list that Sophos can’t give us an exact ranking.

The report shows that the amount of non-English language spam is increasing, with the majority being relayed by “zombie” computers, hijacked by Trojan horses, worms and viruses and under the control of hackers. “Pump-and-dump” stock spam, which artificially inflates stock prices before spammers sell shares at a fairly large profit, is also increasing, the report says.

“The list is partly good news and partly bad news,” says Paul Ducklin, Sophos’s Asia-Pacific head of technology. “The good news is that infection rates from malware seem to be much lower in the Australia-New Zealand region than they are, for example, in North America, even when population differences are taken into account.

“The bad news is that the contribution of China is up by seven percentage points since October 2005, as the spam economy takes off over there. Further bad news — and perhaps more of a surprise — is the continued rise in the percentage of spam from France, which has gone from 1.2 percent a year ago to 3.5 percent in October to 5 percent now.”

Ducklin can only speculate as to why France has climbed up the list.

“More people are connecting to the internet and it is becoming more affordable to surf the net.”

He points out that 5 percent is still quite low and hopes that the dirty dozen-ranking will act as a wake-up call for the French.

The UK has managed to slip out of the dirty dozen. It is responsible for 1.6 percent of spam and holds 14th position.

The dirty dozen consists of nations from four different continents and this indicates the nature of the spam problem, says Sophos.

Zombie computers allow spammers to escape country-specific legislation, as they do not have to be located in the same country as the spamming machines they operate.

“Zombie networks make law enforcement very difficult,” says Ducklin. “If someone in Latvia is sending spam to someone in Canada to sell a product out of China, using a zombie in Argentina, who do you call?

“But the good news is that law enforcement has had some spectacular successes lately in bringing spammers and zombie operators to justice,” he says.

Sophos recommends that computer users keep antivirus software and operating system security patches up-to-date and use a properly configured firewall, to reduce the risk of their PCs becoming part of a zombie network.

“The flipside is that these numbers do not represent the demand side of spam. As long as people continue to respond to spammers, that gives them a reason to exist and the need for zombie computers will continue,” Ducklin says.

“So the message we want to get across is this: no matter how intriguing the spammer’s offer seems, don’t try, don’t buy, don’t reply.

That will definitely help drive down the effectiveness of spam campaigns.”

Sophos is headquartered in the UK, with local offices in Sydney, Melbourne and Auckland.

By Ulrika Hedquist – Computerworld New Zealand Online