US, China top Sophos list of spam-relaying countries

Sophos Thursday released its global statistics naming and shaming the Dirty Dozen spam relaying countries with the U.S. and China sharing the number one position from April to June 2007.

Australia maintained its customarily low position, taking 32nd place in the league table, with less than one percent of the world’s spam originating here.

New Zealand ranked even lower in 58th position.

The US continues to relay more spam than any other nation accounting for 19.6 percent of global spam. Europe now has six entries in the Dirty Dozen, which when combined, account for even more spam-relaying than the US.

The overall global volume of spam rose by nine percent during Q2 2007, when compared to the same period in 2006.

After the U.S. and China, South Korea ranked third with 6.5 percent, followed by Poland with 4.8 percent, Germany 4.2 percent, Brazil 4.1 percent, France 3.3 percent, Russia 3.1 percent, Turkey 2.9 percent, the UK 2.8 percent, Italy 2.8 percent and India 2.5 percent.

Sophos senior security consultant, Carole Theriault, said while the US remains the top spam dog, there results show an urgent need for countries to join together and take global action.

“Once a machine is compromised, it is often used to send out spam for a variety of campaigns,” she said. “In a matter of seconds, we can see compromised systems send messages on a dozen different topics from stock scams to diet drugs.”

In addition to naming the Dirty Dozen, Sophos also examined where Australian spam actually came from over the three month period producing a detailed map. Sophos Asia Pacific head of technology, Paul Ducklin, said the exercise made it clear that spammers are ready to ‘borrow’ any computer illegally to send e-mail regardless of the location.

“The map shows activity almost everywhere people live; Africa may not yet be very well-wired, but it’s certainly wired enough to be useful to the spammers,” he said.

“This is a call to arms for Australians — there’s plenty of spam reaching Australians from inside the country, and that’s our own fault.”

At a briefing held at the AusCERT 2007 IT security conference earlier this year, Queensland Police said each month more than A$500,000 (US$446,000) is funnelled out of the state as a result of Nigerian ‘get rich quick’ spam.

Detective acting superintendent Brian Hay of the Queensland Police Service has interviewed more than 130 victims who have collectively been defrauded of about A$18 million.

Incredibly, the victims aren’t keen to prosecute. In fact, Hay said about 75 percent continue to send the scammers money even after being advised they are the victims of fraud.

“They are emotionally attached to their get-rich dream; some have been paying for 10 years and after investing so much effort don’t want to face the truth because it is a nightmare,” he said.

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now