Spam Back to 80 Percent Pre-McColo

When Washington Post blogger Brian Krebs and some of his friends forced larger ISPs to cut off shady hosting provider McColo in early November, some experts estimated that worldwide spam rates dipped by as much as 75 percent as several major e-mail-spewing botnets had their virtual heads cut off.

Well, I hope you enjoyed the layoff.

According to researchers at Symantec (who estimate that the McColo incident dropped spam by a mere 50 percent globally…), levels of unwanted e-mail and botnet activity have now returned to 80 percent of their strength before the high-profile takedown.

Ever so slowly and incrementally, spam rates have risen since hitting a low on Nov. 23, when they represented only 25 percent of all e-mail. As of last week, the percentage of messages identified as spam had leapt back to roughly 80 percent of all e-mail, Symantec contends.

The researchers blamed the resurgence of spam on the ability of botnet herders to get their operations back up-and-running.

“Old botnets are being brought back online and potential new botnets are being created,” Symantec research staffer Dylan Morss reported.

Just in time for the holidays, spammers are returning to their discount consumer product themes, touting knock-off watches along with the usual mix of pharmaceuticals and software programs.

According to Symantec, the leading types of spam observed over the last weeks include:

-Replica watches

-Generic pharmacy

-Erectile dysfunction drugs

-Weight loss

-Software

The e-mail is being sent from literally all over the world, with Brazil noticeably increasing its role, and taking the top spot, accounting for 22 percent of the unwanted mail, ahead of perennial leaders Russia (12 percent), the U.S. (12 percent) and China (11 percent). Turkey (12 percent) and India (11 percent) also generated a good deal of spam, making for a truly global spread of distribution.

The vast majority of the messages in circulation attempt to lure end users into clicking on URLs, indicating the likelihood that many of the messages are directly tied to malware schemes.

So, I hope that you’re already getting hungry for that annual post-holiday feast.

It looks like there’ll be plenty of spam on the menu.

Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.