U.S. Captures High-Profile Spammers, but General Computer Security
Remains Worryingly Lax
BOSTON, October 24 /CNW/ - IT security and control firm Sophos has
published its latest report on the top 12 spam-relaying countries during the
third quarter of 2007.
Experts at SophosLabs scanned all spam messages received in the company's
global network of spam traps and have revealed that, yet again, the U.S.
relayed more spam than any other nation, accounting for a massive 28.4 percent
- meaning that almost one in three of all the world's spam emails is being
sent through a compromised U.S. computer. The gap between the U.S. and its
nearest rival has also increased significantly, with second placed South Korea
only responsible for relaying 5.2 percent, or one in 20 spam messages.
The top 12 spam-relaying countries are as follows:
July to September 2007
1. United States 28.4%
2. South Korea 5.2%
3. China (inc. Hong Kong) 4.9%
4. Russia 4.4%
5. Brazil 3.7%
6. France 3.6%
7. Germany 3.4%
8. Turkey 3.2%
9. Poland 2.7%
10. United Kingdom 2.4%
11. Romania 2.3%
12. Mexico 1.9%
"It seems as though a major American spammer is arrested every other
week. Despite these high-profile lawbreakers being put away, the U.S.
continues to relay far more spam than any other nation," said Carole
Theriault, senior security consultant at Sophos. "The problem is there are
thousands of spammers using many thousands of compromised zombie computers in
the U.S. The only way we're going to reduce the problem is if U.S. authorities
invest a lot more in educating computer users of the dangers, while ensuring
ISPs step up their monitoring efforts to identify these compromised machines
as early as possible."
According to Sophos, while the U.S. has risen substantially in the spam
stakes, neighboring Canada has continued to make good progress in eradicating
the spam problem, further reducing its spam-relaying figure during Q3 to just
MALICIOUS SPAM GROWTH
During August 2007, Sophos identified a series of large-scale malware
attacks made via spam email, with weblinks inserted into spam messages that
directed recipients to malicious websites designed to infect their PCs.
One such campaign involved eCard spam, with an estimated nine million
malicious eCard messages being sent out within a 48-hour period. Users that
visited the link contained in the message did not receive an eCard, and
instead found their PCs infected by the JSEcard Trojan horse, thus exposing it
to further threats. Similar campaigns were launched that offered pictures of
nude celebrities, YouTube movies and pop music videos, providing recipients
clicked on the malicious link enclosed.
DEATH OF PDF SPAM
Having first been identified in June 2007, August saw a dramatic rise in
the amount of PDF spam being relayed, only for it to trail away in similarly
dramatic fashion shortly after. In early August, SophosLabs identified a new
spam message with an attached PDF file, urging internet users to purchase
shares in a company called Prime Time Group Inc. The spike in spam was so
significant that it resulted in the amount of spam seen by Sophos's global
traps to increase 30 percent in 24 hours.
However, just weeks later, levels of PDF spam had dropped to virtually
zero - evidence that the new tactic had failed in its attempts to encourage
investment. Sophos experts note that PDF spam is not an immediate way of
communicating with an audience, particularly when compared to a marketing
message within an email client's preview pane, which may account for why it
did not resonate with recipients.
SPAM RELAYED BY CONTINENT
The massive rise in the U.S.'s relaying caused North America to overtake
Asia and Europe to become the biggest spam-relaying continent during Q3 2007.
Asia followed close behind, due to the large number of individual Asian
nations relaying spam, while Europe managed to reduce its overall figure by
The breakdown of spam-relaying by continent is as follows:
July to September 2007
1. North America 32.3%
2. Asia 31.1%
3. Europe 24.8%
4. South America 9.1%
5. Africa 2.1%
Sophos recommends that computer users ensure that they keep their
security software up-to-date, as well as use a properly configured firewall
and install the latest operating system security patches. Businesses must also
look to implement a best practice policy regarding email account usage.
For more information on best practices for minimizing exposure to spam,
please visit: www.sophos.com/security/best-practice/
As a global company, Sophos provides solutions that enable enterprises to
secure and control their IT infrastructure. Sophos's network access control
and endpoint solutions simplify security to provide an integrated defense
against malware, spyware, intrusions, unwanted applications and policy abuse.
Sophos complements these solutions with innovative email and web security
products that filter traffic for security threats, spam and policy
With over 20 years of experience, Sophos's reliably engineered security
solutions and services protect more than 100 million users in over 140
countries. Recognized for its high level of customer satisfaction,
award-winning channel program, and powerful yet easy-to-use solutions, Sophos
has an enviable history of industry awards, reviews and certifications.
Sophos is headquartered in Boston, MA and Oxford, UK. More information is
available at www.sophos.com.
For further information:
For further information: Racepoint Group Heather Ailara, 781-487-4650
firstname.lastname@example.org or Sophos Jennifer Torode, 781-494-5885