U.S., China Serving Up More Spam

The United States may be slipping in the battle against spam e-mail, while spam production is increasing in Southeast Asia, according to a report from anti-virus vendor Sophos.

After two years of reductions, the United States was unable to further lower the amount of unsolicited e-mail, or spam, generated by computers within its borders during the first three months of 2006.

Based on the latest figures released by anti-virus software maker Sophos, the United States remains perched atop the list of the so-called "dirty dozen," the worlds top 12 spam-relaying countries, a place it has held since Sophos began collecting its data in 2003.

However, researchers said, for the first time in that time frame, the United States was unable to lower the volume of spam it produced during the first quarter.

Overall, the United States accounted for 23.2 percent of the worlds spam between January 1 and the end of March, as compared to the 23.1 percent of the worlds spam it generated during the fourth quarter of 2005.

Researchers said the vast majority of spam is still being relayed by so-called zombie networks, or botnets, which are PCs that have been hijacked by Trojan horse threats, worms and other viruses, so as to be used to secretly distribute infected e-mail.

Other approaches, including spam e-mails that use images in the place of text to circumvent content filtering technologies, and more traditional "pump-and-dump" stock inflation schemes circulated via e-mail, have also kept the spam wells brimming, the company said.

/zimages/6/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

While the current volume of spam originating from the United States compares favorably to the nearly 57 percent of all spam the nation accounted for in February 2004, Sophos said the news was discouraging, because of all the ongoing efforts within the United States to block unwanted messages.

Ron OBrien, a senior security analyst for Sophos, in Lynnfield, Mass., noted that this was also the first quarter that the United States failed to reduce spam generation since the passage of the governments CAN-SPAM Act in 2003, which aimed to reduce the amount of nuisance e-mail by establishing requirements for commercial senders.

"Its disappointing to see the U.S. lose some of its momentum in the war against spam; despite the increase in arrests and significant monetary penalties, its clear that the United States has more work to do," OBrien said. "With a concerted focus on regulatory action and judicial punishment, the U.S. must now intensify its efforts to educate computer users on preventive security measures to curb the infestation of zombie computers."

Despite the lack of progress in the United States over the first quarter, the rapid growth of spam distribution in Southeast Asia may be even more cause for concern, according to the research. China ranked second in the list, having produced 20 percent of all the worlds spam during the first three months of 2006, and while that number was also flat compared to the previous quarter, China, Hong Kong, South Korea, Japan and Taiwan now account for almost half of the worldwide spam output.

/zimages/6/28571.gifClick here to read more about "image spam" and hacker attacks via instant messaging programs.

In 2004, China and North Korea accounted for roughly 12 percent of all spam. Since that time, Asia has surpassed North America as the continent producing the bulk of the worlds unwanted e-mail. However, Europe has also leapfrogged North America and has risen to the second position in that ranking with a marked rise in spam during the first quarter of 2006, which Sophos attributed to increased zombie activity. France, Spain, Poland, Italy, Germany and the United Kingdom were all present in the dirty dozen.

Sophos Gregg Mastoras, also a senior security analyst, said there is also an increase worldwide in the number of spam e-mails being used to deliver Trojan viruses, with the potential to create even more zombie networks around the globe. Of all the threats delivered via spam e-mail during the first quarter, 85 percent involved Trojan attacks, he said.

In a throwback to the scams of yesteryear, spammers have also begun adopting classic pump-and-dump schemes, according to Sophos. These e-mails typically offer information on small-cap stocks meant to encourage people to invest in specific companies. Once the tactic causes the stock prices involved to rise, those behind the enterprise sell off their shares at a premium.

While the SEC (Securities and Exchange Commission) is already investigating such campaigns, Mastoras said the move is reflective of the ever-changing nature of spam writers methods.

"Spammers have adapted; while headway is being made against unwanted e-mail, the spammers also are working aggressively to find new ways around IT defenses," he said. "The ultimate factor is that this is still a profitable business they can make money at, since there are still many people who will reply to even the most recognizable, obvious formats for spam that we know of."

/zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.