The antivirus company Sophos has published its latest report on the top 12 spamming countries during the last six months. Experts at SophosLabs analyzed all spam messages received in its global network of spam traps to identify the top 12 countries of origin for spam.
The United States remains the worst offender, but is relaying significantly less of the world’s spam than it did a year ago, while spam traffic from China and South Korea increased substantially.
Meanwhile, Sophos found that more than 60% of spam is now generated from zombie computers – hijacked PCs infected by malware. The evolving nature of spamming now allows culprits to be in a different country than the innocent computers they exploit.
The "Dirty Dozen" countries are as follows (figures in brackets denote percentages for the same period in 2004):
April – September 2005
1. United States 26.35% (41.50%)
2. S Korea 19.73% (11.63%)
3. China (incl. Hong Kong) 15.70% (8.90%)
4. France 3.46% (1.27%)
5. Brazil 2.67% (3.91%)
6. Canada 2.53% (7.06%)
7. Taiwan 2.22% (0.86%)
8. Spain 2.21% (1.04%)
9. Japan 2.02% (2.66%)
10. United Kingdom 1.55% (1.07%)
11. Pakistan 1.42% New Entry
12. Germany 1.26% (1.02%)
Others: 18.88% (18.10%)
While the United States, South Korea and China still account for more than 50% of all spam, the United States and Canada have significantly reduced their role in the problem. Sophos has seen a sharp drop in spam sent from North American computers due to a number of factors: jail sentences for spammers, tighter legislation, and better system security.
"Efforts such as ISPs sharing knowledge on how to crack down on spammers, and authorities enforcing CAN-SPAM legislation, have helped North America thwart the efforts of spammers on their doorsteps. Some of the most prolific spammers have been forced to either quit the business or relocate overseas as a result," said Graham Cluley, senior technology consultant for Sophos.
"The introduction of Windows XP SP2 a year ago, with its improved security, has also helped better defend home users from computer hijacking. The worry now is that devious spammers will turn to other net-based money-making schemes, such as spyware and identity theft malware to make their dirty money."
Feeling the impact of international awareness and country-specific legislation, spammers are increasingly turning to illegitimate providers to fuel their success and their key partners in crime are virus writers and hackers. By taking control of unprotected PCs, hackers can relay spam, launch denial-of-service attacks or steal user information, without computer owners being any-the-wiser.
"There are fortunes to be made from the dark side of the internet, and spammers who are finding it harder to sell goods via bulk email are likely to turn to other criminal activities," continued Cluley.
"What the chart reveals is that spammers and virus writers can exploit unprotected computers anywhere in the world to send out their unwanted messages – everyone has a part to play in the fight against spam."
Sophos recommends that computer users ensure they keep their anti-virus software up-to-date, as well as using a properly configured firewall and installing the latest operating system security patches, to reduce the risk of their PCs becoming part of a zombie network. Businesses must also look to implement a best practice policy regarding email account usage.