IT security and control firm, Sophos, has published its latest report on the 'Dirty Dozen' spam-relaying countries, covering the third quarter of 2010.
Since the second quarter this year, the spam output from the US has increased significantly from 15.2% to 18.6% of global spam, making the country responsible for nearly one in five junk e-mails. This means that the US contributes nearly 2.5 times more spam than the next worse offender, namely India.
The UK finds itself dropping one position since the previous quarter - from fourth to fifth place - and is now responsible for relaying 5% of all spam this quarter.
The top 12 spam relaying countries for July to September 2010 are:
1. United States 18.6%
2. India 7.6%
3. Brazil 5.7%
4. France 5.4%
5. UK 5%
6. Germany 3.4%
7. Russia 3%
7. S.Korea 3%
9. Vietnam 2.9%
10. Italy 2.8%
11. Romania 2.3%
12. Spain 1.8%
54 South Africa 0.24%
Other 38.5%
The top spam-relaying continents for July to September 2010 are:
Europe 33.1%
Asia 30%
N America 22.3%
S America 11.5%
Africa 2.3%
Other 0.8%
According to Sophos, almost all of this spam comes from malware-infected computers (known as bots or zombies) that are being controlled by 'botherder' cyber criminals. One of the primary tactics used to grow botnets involves tricking computer users into clicking malicious links, either contained in spam e-mail or social networking messages, which direct computers to malware infected Web pages.
"While spam is a nuisance, it is being used by cyber criminals as a means of growing their operations," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa. "Users should never even be tempted to open a spam message out of curiosity, as it can only take a second to effectively hand over control of your computer to the spammers. If your computer does become part of a botnet, you're also inviting further malware infections, which may compromise your personal or banking details."
Sophos also noted a rise in social networking spam during Q3 2010, with the widely reported 'onMouseOver' exploit creating spam tweets on Twitter, and a raft of Facebook scams that have been created by spammers to generate money from survey Web sites.
"What's interesting about the Facebook scams is that they exploit human weaknesses to spread, tricking users into filling in a questionnaire if they want to see a shocking picture or video that may not even exist," says Myroff. "Unfortunately, these scams continue to proliferate. New ones are springing up every day and Facebook seems unable to curb the onslaught permanently."
One Facebook spammer has, however, been fined for using the social network to promote the sale of drugs. Canadian Adam Guerbuez was fined US$100 for every one of the 4 366 386 spam posts he made, resulting in total fine of US$873.3 million.
Guerbuez was able to spam from Facebook users' accounts after phishing their login details.
“Users should always take care when entering login credentials. Be aware that you might be on a bogus Web site that has been created purely for the purposes of stealing your username and password, and for those details to then be used to send spam to others," Myroff says.
“The best way for computer users to reduce the risk of being compromised is to run anti-spam and anti-malware protection, behave sensibly when online and ensure systems are up-to-date with security patches.”
Sophos recommends that companies automatically update their corporate virus protection, and run a consolidated solution at their e-mail and Web gateways to defend against spam and viruses.
Share