Johannesburg, 19 Jul 2007
IT security and control firm, Sophos, has published its latest report on the top 12 spam-relaying countries over the second quarter of 2007.
Experts at SophosLabs scanned all spam messages received in the company's global network of spam traps, and have revealed that the US continues to relay more spam than any other nation, accounting for 19.6% - a decrease of just 0.2% from the previous quarter.
However, Europe now has six entries in the dirty dozen, which, when combined, account for even more spam-relaying than the US.
Sophos notes that the number of compromised PCs continues to rise steadily in Europe. An image showing the continent's zombie computers that relayed spam during a 30-minute period is available from: http://www.sophos.com/news/2007/07/dirtydozjul07.html.
According to Sophos, the overall global volume of spam rose by around 9% during Q2 2007, compared to the same period in 2006.
The top 12 spam-relaying countries are as follows:
April to June 2007
1. United States 19.6%
2. China (including Hong Kong) 8.4%
3. South Korea 6.5%
4. Poland 4.8%
5. Germany 4.2%
6. Brazil 4.1%
7. France 3.3%
8. Russia 3.1%
9. Turkey 2.9%
10. United Kingdom 2.8%
=10. Italy 2.8%
12. India 2.5%
Other 35%
While the US remains top spam dog, the latest chart emphasises the urgent need for joined-up global action to combat this growing problem.
"For every spam campaign, the spammers, compromised computers used and the people being deluged by the unsolicited mail are often located in totally different parts of the world. A consolidated effort is needed to pursue and prosecute spammers, and also to convince computer users everywhere of the importance of blocking rather than responding to spam messages," says Brett Myroff, CEO of master Sophos distributor, NetXactics.
"Everyone has a part to play if the global battle against spam is to be won."
According to Sophos, the growing number of PCs across the US and Europe, combined with an increase in the amount of Internet service providers offering cheap Internet access - not all of which have taken adequate steps to prevent spam-relaying activity - are responsible for the strong Euro-American presence in the dirty dozen.
Once a machine is compromised, it is often used to send out spam for a variety of campaigns. In a matter of seconds, compromised systems send messages on a dozen different topics, from stock scams and cheap mortgages, to saucy porn and diet drugs.
"Internet service providers seriously need to examine whether they're doing enough to monitor whether their users are unwittingly relaying spam, as well as educate them about how to defend their home PCs," Myroff says.
While there have been minor shifts in individual nations' chart positions, the biggest single change occurs in the 'other' section, which has risen from 30.6% in Q1 2007 to 35% in Q2. This suggests that on an individual level, more nations are now responsible for contributing to the problem of spam-relaying.
Additionally, having disappeared from the chart in Q1, the United Kingdom has re-entered the dirty dozen in 10th place, responsible for relaying 2.8% of the world's spam.
Spam relayed by continent
Despite the strong presence of the US and European nations in the dirty dozen itself, the sheer number of Asian nations relaying smaller amounts of spam meant that Asia proved to be the biggest spam-relaying continent during Q2 2007.
While Europe, which topped the chart in Q1 2007, has reduced its percentage by 6.6% and fallen to second place; Asia, North America, South America and Africa have all seen rises in spam-relaying activity.
Sophos experts predict further levelling of these statistics over the coming months, as spammers start to take advantage of the growing number of inadequately protected computers in the likes of South America and Africa.
The breakdown of spam-relaying by continent is as follows:
April to June 2007
1. Asia 35.2%
2. Europe 28.5%
3. North America 24.2%
4. South America 9.6%
5. Africa 1.6%
Other 0.9%
Sophos recommends that computer users ensure they keep their security software up-to-date, as well as using a properly configured firewall and installing the latest operating system security patches.
Businesses must also look to implement a best practice policy regarding email account usage.
Share