US is worst in world for spamming

The US has headed up a list of spam-relaying countries, accounting for nearly one in five of all malicious messages sent in the fourth quarter of 2010.

The UK meanwhile decreased its level of spam, according to figures released by IT security firm Sophos, as cybercriminals change tactics with malware spreading, phishing emails and social network attacks replacing traditional methods.

In the stats published by Sophos, the US is seen to increase its lead to 18.6 percent of all spam messages, with its dominance in the list supposedly underlining the continuing problem of computers being compromised by hackers in the country, allowing them to be remotely controlled for criminal purposes without the owners’ knowledge.

“The US is so far ahead of the rest of the world for two reasons,” Graham Cluley senior technology consultant at Sophos told TechEye.  “Firstly, because there are many more people online there, and hence more computers to receive spam, but also because such a large number of those computers will have been compromised.”

He added: “Almost all spam comes from malware-infected computers (known as bots or zombies) that are being controlled by ‘botherder’ cybercriminals.” 

“One of the primary tactics used by cybercriminals to grow botnets involves tricking computer users into clicking malicious links – either contained in spam email or social networking messages – which direct computers to malware infected webpages. And, if your computer does become part of a botnet, you’re also inviting further malware infections, which may compromise your personal or banking details.”

While the UK decreased its percentage of total spam output compared to the third quarter last year, from 5 percent to 4.54 percent, it remains in fifth place overall.

Meanwhile Europe as a whole decreased its amount of spam-relaying, though remained the most prolific continent, accounting for 32.11 percent, ahead of Asia on 31.89 percent and North America with 22.38 percent.

According to Sophos, while the same countries continue to dominate in terms of spam relaying, the nature of the spam being distributed is becoming more malicious. 

It is noted that traditional subject matter such as adverts for pharmaceuticals also continue to be a concern as before, with a staggering 36 million Americans reported to purchase drugs from unlicensed online sellers.

“Research has shown that a huge number of Americans choose to purchase drugs online from the kind of outlets we frequently see advertised in spam messages.  By purchasing via these channels, many may not realise that they are making the problem worse.  This goes for computer users in the UK and anywhere else – if you receive an unsolicited email message advertising goods to you – don’t buy, don’t try, don’t reply.”

However the problem is beginning to move more towards messages spreading malware, as well as attempting to phish user names, passwords and personal information.

“Spam is certainly here to stay, however the motivations and the methods are continuing to change in order to reap the greatest rewards for the spammers,” said Graham Cluley, senior technology consultant at Sophos.  “What’s becoming even more prevalent is the mailing of links to poisoned webpages – victims are tricked into clicking a link in an email, and then led to a site that attacks their computer with exploits or attempts to implant fake anti-virus software.”

Sophos warns that there has also been an increase in more focused, targeted email attacks, known as “spearphishing”.  In addition to this, Sophos is continuing to receive an increased number of reports of malicious apps, compromised profiles and unwanted messages spreading across social networks such as Facebook and Twitter.

“Regardless of what methods spammers use, internet users should never be tempted to open a spam message out of curiosity, or click on an unknown link, just because it appears on a Facebook friend’s profile,” continued Cluley. 

“Internet users need to become aware of these new approaches to cybercrime as the spamming techniques become more and more sophisticated.  As long as spammers continue to make money from these schemes, internet users can be sure that they’ll continue to receive unsolicited emails and social networking scams.  To combat this, it’s essential that computer users remain wary of clicking on unknown links, regardless of whether they appear to be on a trusted contact’s social networking page.”

The top 12 spam-relaying countries by precentage in Q4 2010:

  • 1.  USA           18.83
  • 2.  India            6.88
  • 3.  Brazil           5.04
  • 4.  Russia         4.64
  • 5.  UK               4.54
  • 6.  France         3.45
  • 7.  Italy             3.17
  • 8   South Korea 3.01
  • 9.  Germany      2.99
  • 10. Vietnam      2.79
  • 11. Romania      2.25
  • 12.  Spain         2.24
  • Other                40.7