Spam volumes down,... but is it a good thing?
A year ago, as much as 90% of mail was spam. This summer the levels have fallen to about 78%, but that could be because the botnet operators have found other more lucrative ways to use their networks of compromised machines.
According to Symantec's monitoring, spam on a global basis accounts for about 78% of all emails sent each day, and that figure is true of the UK and USA as well. Some countries receive more than others though, with the worst hit being Saudi Arabia where almost 86% of all mails are spam.
However, in the case of phishing attacks (such as where the spammer is trying to get you to log into a fake bank site to hand over your online banking password), the UK has now overtaken South Africa to become the most targeted country in the world. There is also evidence that phishing attacks are now becoming more targeted, and targeted against business users and corporate bank accounts which have the potential to give much bigger returns.
On a more positive note, there are few apologists for spam these days, and many organisations are taking more active approaches to quash it. One such example is found at Google which recently removed eleven million domains from its search engine results because of their association with spammers. The domains in question were those ending with .CO.CC. The CC suffix is the top level code for the Cocos Islands, a small island group in the Indian Ocean, but CO.CC is registered to a Korean company which sells subdomains in bulk, $10 for 100 names, enabling spammers and phishers to set up sites with convincing-sounding business names like pfizer.co.cc or hsbc.co.cc for example. According to the Anti-Phishing Group report, the .CO.CC sub-domain was one of the commonest used in phishing attacks. Delisting it from Google sends out a good message, but is probably only a passing inconvenience to the phishers. More effective is to block .CO.CC at your own firewall, to stop yourself accidentally visiting these sites, even if the phishing and forgeries deceive you.
The police and courts have also been more active in dealing with phishing. Three fraudsters who were arrested by the Metropolitan Police during 2010 for operating phishing scams have been convicted of fraud at Snaresbrook Crown Court (London). Two received sentences of five years and one of two years. The court heard that the trio's crimes included breaking into 900 bank accounts and obtaining details for over 10,000 credit cards, which resulted in losses of £4.2 million. Financial investigators are still working on the case, hoping to confiscate proceeds of the crime.
29th July 2011
This article comes from the SKILLZONE email newsletter, published monthly since January 2008, and covering topics related to technology and the internet. All articles and artwork in the SKILLZONE newsletter are orignal content.