When a Web hosting network reputedly responsibly for three-quarters of the world’s spam, McColo, was taken down in November, many people assumed the bust would take a big bite out of the amount of spam circulating.
Indeed, spam plummeted 70 percent overnight, but now spam is bouncing back faster than you can hit delete on that Viagra discount offer in your in-box. No joke.
According to Google, whose Postini Message Security network sees spam from more than 2 billion business e-mail connections per day, spam levels are up by 156 percent since November 2008.
Worse still, total spam volumes will be back to pre-McColo levels within a few months once spammers find new outlets for their unsolicited messages, wrote Amanda Kleha of the Google Message Security Team.
This reflects a trend in spam growth, as Google noted that despite the McColo shutdown, spam levels soared 25 percent in 2008 from 2007, with the average unprotected user receiving 45,000 spam messages in 2008, up from 36,000 in 2007.
So what is the outlook for 2009? Spammy, spammy and spammier, as Google’s Postini team projects even more viruses sent via e-mail and from the Web, with the majority of spam messages trying to trick users by mimicking legitimate e-mails such as UPS package tracking notifications or delivering invoices that include virus attachments.
In 2008, users were also exposed to fake news alerts with URLs that would link to a Web site hosting a virus. The CNN e-mail virus comes to mind. Kleha added:
“We can also expect that viruses and malware will continue to be a key tool and area of focus for spammers to upgrade their platforms. Even though virus attachment volumes have been low so far this year, we expect spammers to work hard to rebuild their networks to replace what was lost in the McColo shutdown. Of course, the only thing we can really say with certainty about 2009 is that spam and viruses will continue to be unpredictable.“
Spam isn’t going anywhere, and it’s in for the long haul. The key for users is to remain vigilant and refrain from visiting suspicious URLs and especially from opening e-mail attachments unless the senders are verified.
Oddly, Google didn’t mention anything about viruses or spam that infect social networks such as Facebook or MySpace, which are also vulnerable to viruses, worms and social engineering techniques that fool unsuspecting users.