Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. is World Leader in Spam

Posted by michael on from the everyone's-good-at-something dept.

adept256 writes "Sophos outs 'dirty dozen' spam producing countries. And the USA is in the lead by a country mile. 'The United States is far and away the worst offender, accounting for nearly 60 percent of the world's spam. Even though European countries are responsible for less spam, they are still generating millions of junk emails a day,' said Graham Cluley, senior technology consultant at Sophos."

54 of 398 comments (clear)

  1. So much for the AXIS OF EVIL... by Anonymous Coward · · Score: 5, Funny

    ...and its spamming leader.

    1. Re:So much for the AXIS OF EVIL... by mwood · · Score: 5, Insightful

      Nah, it's just because we have so many more computers for the bad guys to zombify. (Or, more or less equivalently, we have so many more clueless computer owners.)

    2. Re:So much for the AXIS OF EVIL... by MCZapf · · Score: 5, Interesting

      We probably also have more "entrepreneurs" (spammers and their customers) who are trying to get rich quick. That is, after all, the American Dream.

    3. Re:So much for the AXIS OF EVIL... by tolan-b · · Score: 5, Insightful

      "What's your point? One's a continent and one's a country dumbass. I bet Asia has more people online than the USA too."

      RTFC, 60% of spam comes from the US, but there are more computers outside the US than inside, that means that the claim that the US is only so high because it has so many computers is provably wrong.

    4. Re:So much for the AXIS OF EVIL... by paranode · · Score: 5, Informative

      You might find this graph very interesting.

  2. While they're at it... by Hayzeus · · Score: 5, Insightful
    ...maybe Sophos could also get around to changing their default "notify recipient" setting on their email virus scanner.

    That way, Sophos themselves might produce a little less spam...

    --

    Roving Web-Teleoperated Robot
  3. Its no supprise. by psycht · · Score: 5, Insightful

    So many broadband & other high-speed connections left wide open that can relay data.

    --
    thelikesofwhich.com
    1. Re:Its no supprise. by hendridm · · Score: 5, Insightful

      Or perhaps it's all the aspiring entrepreneurs who are trying to make a quick buck with no regard for ethics or other people.

      I was born and raised in the U.S., but some of the scams I see just sicken me and the lengths people will go to to make a quick buck. Some people will even take advantage of their friends and family! Who needs enemies when your own brother or sister is trying to guilt you into their latest multi-level marketing endeavor.

  4. Re:Nigeria? by Dr+Tall · · Score: 5, Funny

    What are you talking about? I should be getting my million dollars from Nigeria in the mail next week!

  5. Why am I not surprised by lavalyn · · Score: 5, Interesting

    Spamming computers may appear to be foreign, but in the end, it's nearly always an American source. Or from the Netherlands for some reason in those stupid 419s.

    If you're not blacklisting from Spamhaus's SBL+XBL of spam outfits & open relays, and dialup pools, those ones are natural things to start blocking on connect.

    --
    Doing the Right Thing should not be preempted by making a buck.
    1. Re:Why am I not surprised by Flyboy+Connor · · Score: 4, Informative

      Not so many anymore from the Netherlands since the police came down hard on a group of about fifty 419 spammers in Amsterdam.

    2. Re:Why am I not surprised by mpickut · · Score: 5, Funny

      Yeah, were number 1, were number 1, were number 1! Take that Ossama. Lets see you Al Queada guys match our spam output! And the French can't even come close. Remembers when spam is outlawed only outlaws will spam.

      --
      Sigs are for losers.
    3. Re:Why am I not surprised by anticypher · · Score: 4, Interesting

      The 419 scams were cracked down on in the Netherlands recently, sending the scammers mostly to Madrid and Barcelona. Its a whole community, the majority are no longer Nigerians, but a mix of eastern europeans and west africans. The africans work the front end of the scams, pulling in leads. The eastern europeans work the back end, setting up banking accounts, credit card processing scams, laundering the money and the like.

      There are a bunch of network operators tracking the technical guys, who buy up space in Colo's to house their scam sites and ADSL connections for the apartments where the scammers operate from. Mostly they use hijacked machines spread all around the internet for their relay points and temporary (30-90 minutes) websites, but those tend to be controlled from a few central servers. These are scary people to deal with, the Albanians have a nasty reputation of just killing anyone who might cross them. We were warned repeatedly by the police to not confront them, but take notes and let the police deal with it. There are dozens of unsolved murders blamed on the Albanians, including some from the 419 scam gangs.

      In the Benelux area, we're glad the police finally did their job, even though the investigation took more than a year. Now its the poor Spanish police's turn, and the scammers know they don't have an effective high-tech group. So expect the 419 scams to continue to grow.

      Still, Clueleyless is right about most spam coming from US sources, despite their using hijacked machines all around the world. I haven't seen a spam recently that didn't have a US oriented payment method, US phone number, US mailing address. Its American spammers targeting American victims, and American law enforcement is afraid to do anything about it. I can't remember the last time, if ever, I saw a French, Spanish, Portuguese, or Dutch language spam. Or one in Euros.

      the AC

      --
      Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
  6. Phear Canada by grub · · Score: 5, Funny


    While you Americans are spamming the world, we Canucks are gulping down herbal viagra, slathering growth cream on our willies and Making Money Fast.. Laugh at us, will you?!

    --
    Trolling is a art,
  7. Much from compromised computers by AlecC · · Score: 4, Interesting

    Reading the article, a more interesting point is that at least 30% - which probably accounts for a large slice of the US end European contribution - is from compromised machines. They believe most of those are directed from Russia.

    Aside from the absence of Russia, the only thing I find surprising about the list is the high position of Canada - second, 6.8%. Given Canad's relatively small population, that must make them the leader in spam-per-capita - an unpleasant distinction.

    --
    Consciousness is an illusion caused by an excess of self consciousness.
    1. Re:Much from compromised computers by Jonboy+X · · Score: 4, Funny
      Aside from the absence of Russia, the only thing I find surprising about the list is the high position of Canada - second, 6.8%. Given Canad's relatively small population, that must make them the leader in spam-per-capita - an unpleasant distinction.

      /me can't stop humming of that "Blame Canada" song from the South Park movie, and anticipating the inevitable "Spam Wars".

      Actually, that'd be a damn good title for a movie.

      Hey, it's Friday, cut me some slack. ;)

      --

      "In a 32-bit world, you're a 2-bit user. You've got your own newsgroup, alt.total.loser." -Weird Al
    2. Re:Much from compromised computers by gowen · · Score: 5, Insightful
      high position of Canada
      Well, taking my twenty-odd thousand spams as a sample, a lot of Canadian spams come from compromised machines at shawcable / shaw.caclient*.comcast.net and attbi.com, the abuse departments are too lazy^H^H^H^Hoverwhelmed to do anything about them (even easy solutions, such blocking port 25 and insisting mail is relayed through their own SMTP servers, which would kill this spam stone dead at a stroke).
      --
      Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
    3. Re:Much from compromised computers by rm007 · · Score: 5, Interesting

      the only thing I find surprising about the list is the high position of Canada - second, 6.8%. Given Canad's relatively small population, that must make them the leader in spam-per-capita - an unpleasant distinction

      Not so surprising, the figure is not really out of whack. While the population is a little more than one tenth - 32 million vs 292 million - higher internet usage levels, especially broadband penetration probably accounts for some of why the Canadian figure is not closer to the 5.7 - 5.9% that you might expect. As other posters have noted, normalizing the data would have helped make more sense of the of the numbers that they present. At any rate, it is safe to assume that too many Canadians and Americans do not secure their computers properly if compromised machines account for so much of the spam.

      --


      I've finally got around to changing my sig
    4. Re:Much from compromised computers by RetroGeek · · Score: 4, Interesting

      the abuse departments are too lazy^H^H^H^Hoverwhelmed to do anything about them

      I sent them a log of IPs pinging my firewall, trying to connect using NetBUI, trying to pop-up net msgs, etc. I stated somewhere in the msg that my firewall was constantly writing ot the log from all the hits. A LOT of the IPs were from within the Shaw set of IP addresses.

      The response?

      "this is a common problem, turn off the logging in your firewall".

      Turn off my logging? How does that stop the hits?

      --

      - - - - - - - - - - -
      I am a programmer. I am paid to produce syntax not grammar. Deal with it.
  8. When was this sample taken? by nebaz · · Score: 5, Insightful

    I wonder if the recently passes Federal Anti-Spam legislation has had any effect on these numbers. Obviously not a big enough one, since according to these figures, so much spam still comes from the U.S. If these numbers can be tabulated, can they not also report the offenders to the police?

    I also wonder if there is any way to bring the issue of unprotected computers to the public. Perhaps negligence penalties of some sort? I don't want to punish the wrong people, but it would be a lot harder to hack into all of these systems if they were administered properly.

    --
    Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
  9. How about normalizing that data? by Mr.+Underbridge · · Score: 5, Insightful
    Yes, so the US generates 60% of the world's spam. However, what fraction of the world's total email traffic does the US generate? I bet it's near 60%.

    Without having some idea of what fraction of a country's email traffic is spam, these numbers just tell you which countries have a bigger internet presence, and absolutely nothing more.

    1. Re:How about normalizing that data? by g0qi · · Score: 5, Interesting

      For too long, US Sys & Law Administrators have taken cover saying that the source of spam is almost always foreign and there's nothing they can do about it. This article is the wake up call. It doesn't matter what email traffic the US generates, but it just proves that much of the spam is from within.

      --
      Yea. I know.
  10. Re:Nigeria? by cfradenburg · · Score: 5, Informative

    This isn't who is writing the email is. It's where the computer that sends it out is. The article mentions that Russia should be higher on the list but a lot of SPAM is sent through compromised computers in America.

  11. This doesn't bode well... by JohnGrahamCumming · · Score: 4, Funny

    ...for average US penis size.

    Luckily, I'm British and we're only number 9 on the list :-)

    John.

  12. Poor research... by Genjurosan · · Score: 4, Interesting

    The article indicates that the 'researchers' spent two days collecting information.

    Only two days of research is a lame attempt at a research project.

    For all we know, those responsible could alternate source every other week, thus invalidating this 'insightful' conclusion.

    Also, the article fails to mention how they are so positive of the origin. Who knows how many open relays the spammers use.

    I'd believe an article that indicates that the US has more open relays than any other country, as I would venture a guess that it's relative to total number of computers wired to the net.

    my 2c

  13. Blame Russia by pvt_medic · · Score: 4, Funny

    Well the article also points out that much of the spam may orriginate in Russia from the hackers there. Who then subsequently take advantage of zombie machines in countries like the USA.

    Well just dont let GWB learn of this, just what we need him to do, start a new cold war over spam. It be his newest attempt to revitalize the economy.

    --
    30% Troll, 50% Underrated, 10% Interesting
    Score:5, Troll
  14. The report isn't really valid by Moryath · · Score: 5, Insightful

    For example, a Nigerian email sent from a hotmail/yahoo account (they almost all are) would seemingly, by this standard, come from the US.

    And then there's the thing they themselves point out; their methods of determining origin only go so far, hijacked machines / email routers configured to "wash" the headers of relayed stuff also go a long way to making the numbers invalid.

    I still say the ultimate revenge is to paper-spam the big spammers. Sign them up for hundreds of thousands of magazines and all the rest.

    The coup de grace would be then to package and mail a spammer the contents of my cats' litterbox the day after feeding them beef 'n' bean leftovers.

    1. Re:The report isn't really valid by dipipanone · · Score: 4, Insightful

      For example, a Nigerian email sent from a hotmail/yahoo account (they almost all are) would seemingly, by this standard, come from the US.

      And how do you suppose is this *not* spam of US origin?

      While the author of the email might not be American, the domain and the sysadmin certainly are.

      If someone is using Hotmail or Yahoo to whap out zillions of spams, I see that of evidence of an incompetent systems administration in exactly the same way that I'd see someone failing to secure their mail relays in China, and as such, I'd expect that domain to be held accountable for it.

  15. Duh.. by UncleBiggims · · Score: 5, Funny

    Of course the US is the leading producer of SPAM. It was invented here. And according to the SPAM Museum, Hormel produces 435 cans of spam PER MINUTE in Austin, Minnesota.

    Are you Corn Fed?

  16. Made in America by physicsboy500 · · Score: 5, Funny

    Wow... when I see my next ad for "enlargment pills" I'll smile with delight that the ad I'm looking at was made in America...

    Did I mention that by smile I mean Be menacingly overcome... and by delight I actually mean rage... sweet glorious rage.

    Another reason for my heart to swell with pride for my country

    --
    The original generic sig.
  17. So... by Universal+Nerd · · Score: 4, Insightful

    Since so many USian companies block all email from the brazilian IPs should I now block all email from USian IPs?

    This isn't a troll (despite sounding like one).

    I'm very upset that my mail server, a very well maintained with a plethora of spam and virus filters, is blocked by asshat american sysadmins "just because we're spammers".

    --
    Ash nazg durbatuluk, ash nazg gimbatul Ash nazg thrakatuluk agh burzum-ishi krimpatul
  18. Re:Let me be the first to say... by chamilto0516 · · Score: 4, Funny
    If we were really number one, you wouldn't have just posted this here. You would have emailed it out to everyone you know and many addresses that don't exist but thought you would give them a try.

    P.S. Don't use the To: field when there is a perfectly good BCC: field that will do

    --
    Magic Eight Ball: Outlook not so good., Hmmm, how about Excel and Word?
  19. Re:Who Is Surprised By This? by akadruid · · Score: 4, Insightful

    ...We're the richest, most powerful, most prosperous country in the history of mankind...Leading in spam is a small price to pay...

    Dream on sunshine. Ever heard of the Roman Empire? Greeks? British? Germans? Even the French were more powerful in their day. You have some of North America, a little in the Middle East, and not a lot more. The greatest spammer in the history of mankind is not really an accolade to stand in the history books. In time, people will look back and say 'So they were number 1 in a well contended field for a short time... so what?'. You got a way to go yet sunshine. Don't think that one half-assed victory in the middle will make the emperors of old start saying 'Fuck me, wish we'd had that 'e-mail spam' thing to go along with our might legions'.

    Damn I just realised I got trolled properly there.

    --
    "Those who cast the votes decide nothing; those who count the votes decide everything." (attrib. Joseph Stalin)
  20. canada's population by Reinout · · Score: 4, Interesting

    Canada's population is 31.6 million (2003).

    I looked at it as I wondered whether the Netherlands (16 million) would win in the spam/capita contest. Nah, canada wins. 3x the spam, 2x the population.

    Reinout

    --
    Reinout van Rees
  21. An idea for curbing spam? by wiggys · · Score: 4, Insightful

    Obviously the "war on spam" needs to be fought on legally as well as technologically (and thanks to the fucked-up CAN-SPAM act some spammers are being given the green-light to annoy the hell out of us legally).

    Assuming we ever have laws in place which state that genuine opt-in lists are the only valid way to advertise products then we still cannot sue the spammers who send junk to harvested addresses because of the problems involved with tracing them.

    Tracing spammers is difficult/sometimes impossible because any computer on the internet can runs its own SMTP server to send mail to anywhere on the net. 10 years ago when the net was more innocent and less commercially corrup, this was fine, but nowadays this is just too powerful.

    The problem is, if some clueless person (which probably accounts for 80% of net users) has their machine compromised by a virus or trojan than their computers are used to send out the spam, and as there are no log files the spammers are virutally impossible to trace.

    Now imagine if the only way to send spam was via an approved mail server. For most of us this will be our ISPs, for the rest we will simply subscribe to one of the many official trusted ones.

    Now the problem of reporting spam is a lot easier - complaints will be dealt with by the trusted mail servers who keep detailed logs of which customers have logged in to send mail, what IP address they used and at what time.

    It doesn't matter if the customer deliberately sent out the spam or if they had been compromised by a trojan - the trusted mail servers can deny their customers the right to send more email until they have had an assurance from their customers that the problem has been fixed.

    I'm not saying this is going to end spam altogether, but it should go a long way to curbing it.

    What about all the spam which originates from, say, Nigeria or Amsterdam? Simple - unless the trusted mail server takes active steps to eradicating the spam they will no longer be trusted.

    --

    Sorry, but my karma just ran over your dogma.

  22. Re:I would have sworn it was CN, TW, KR and simila by rduke15 · · Score: 5, Informative

    A lot comes from Asian computers, but if you look into the spam itself (what it sells -> who is actually selling it), most comes in fact from the US.

  23. #1 spam producing state is by LittleLebowskiUrbanA · · Score: 4, Informative

    Florida! Thanks to its weak spam laws.

    --
    This guy is way out there
  24. Re:I thought as much by perly-king-69 · · Score: 4, Funny

    And to prove it, you have a wonderfully syntactically challenged President.

    Misunderestimated

    The inhabitants of Greece are Grecians.

    --

    --
    This sig is inoffensive.

  25. Re:No.1 sender and hardest to block by Troed · · Score: 4, Interesting

    .us ... you might want to think twice about why US companies aren't using it - and about whether companies all over the world are evil when they (also) want to use .com

    --
    it's in my head
  26. Spamgourmet to the rescue (spam - /dev/null) by hrath · · Score: 5, Informative

    One of the most effective means of dealing with Spam & when being required to hand out an email address is Spamgourmet (http://www.spamgourmet.com). You create an account and can then use unique email addresses of the form ..@spamgourmet.com . The cool thing about this is that for each email received on this account the counter is decreased and once it reaches zero all further emails will be discarded. This is great to hand out if you're ordering something from an online store and only want to receive 1-3 emails for order confirmation/shipment but not get any future spams.

    The service is free and offers a couple of other neat features. I've been using it for about a year and it's been very reliable.

    Highly recommended.

    Heiko

  27. BZZZT! Wrong! by goldspider · · Score: 4, Informative
    "Do you know what the national debt means? It means you bought an amount of 7 000 billions of goods to other countries without paying them"

    Your own explanation demonstrates perfectly that you are the one who doesn't know what the national debt is.

    Simply stated, the national debt is what taxpayers owe the treasury for purchases made by the government. When the amount of money spent by the government exceeds the amount of tax money collected, you have a budget deficit. The national debt is the total amount, plus interest, owed to the treasury.

    It has nothing to do with international trade. I believe what you are refering to is called a "trade deficit".

    --
    "Ask not what your country can do for you." --John F. Kennedy
  28. Wrong by Mr.+Underbridge · · Score: 5, Insightful
    B.S. it isn't a case of "one spam for every x legitimate emails" the number of spam emails and legitimate emails are completely unrelated.

    Read the response by the second guy to respond to me. Both legitimate and illegitimate email are going to track with the number of total servers (scaled by how many are unprotected) and number of internet-connected citizens (scaled by how many are internet-connected) among other variables he mentioned.

    I mean, actually think about what you're saying. You would congratulate Antarctica for generating 0 spam. If you want to look at this without considering "ham" emails, look at the spam difference - (spam sent = spam received). I would argue that even this difference should be fractioned by how many total emails are sent received which really is a decent measure of internet presence, but even without it, you at least separate net spam "donors" from "recipients"

    Honestly, if you don't normalize variables in comparing large sample sets with small, you absolutely cannot compare raw numbers. I could recommend statistical reference texts if you like.

  29. USA!!!! USA!!!! USA!!!! USA!!!! by FSK · · Score: 4, Funny

    we're number 1!!!!!!!!!!!!!

    --
    When punk rock is outlawed, only outlaws will have punk rock.
  30. Yeah, the U.S. is the leader in spam right now... by Anonymous Coward · · Score: 5, Funny

    ...but wait. Before ya know it, sending spam will be offshored to India too.

  31. money, money, money by novakane007 · · Score: 5, Funny

    What?! The home of capitalism is also the home of spam?! How could this be? /sarcasm

    --

    WURD!!
  32. Re:well... by Anonymous Coward · · Score: 5, Funny

    Hey, don't be so down on yourselves. The US is the world leader in lots of things. Military spending, patent lawsuits, oil consumption...

  33. A NEW UNCOVER SECRETS ABOUT ANYONES!! teheknfd by Westech · · Score: 5, Insightful

    Nah, it's just because we have so many more computers for the bad guys to zombify.

    I agree. Just looking at the horribly butchered English that is in 95% of the spam that I get tells me that it not written by someone who's first language is English.

  34. Re:A NEW UNCOVER SECRETS ABOUT ANYONES!! teheknfd by LearnToSpell · · Score: 5, Funny

    ...not written by someone who's first language is English.

    Like you, say?

    --
    Haida Manga
  35. Re:Who Is Surprised By This? by Pave+Low · · Score: 4, Interesting
    Your reply only demonstrated how the US isn't an Empire, where it's so fashionable to claim it is here.

    You didn't refute any of part of my statement you quoted. We ARE the richest, most powerful, and most prosperous. There's really no debate there.

    --
    SIG:Slashdot: indymedia for nerds.
  36. Population Adjusted Values: by mumblestheclown · · Score: 4, Insightful
    The third column is the one of interest (the second is population, in millions, the third is a sort of spam per person score, where lower a lower score is worse). Long story short, Canada is worse per person than the USA, and netherlands and sourth korea have nothing to be proud of, either, as their governments are doing statistically about an equivalently poor job of keeping the problem in check.

    That said, hopefully this study (not my little humor below, the sophos study) begin to, ever so slightly, shut up those people who claim that spam laws are useless because they will just drive spammers from one locale to the next. while this is true at the margins, the fact is that spam, like all business, is foremost local.

    1. United States 56.74% 280 493
    2. Canada 6.80% 30 441
    3. China (& Hong Kong) 6.24% 12400 198718
    4. South Korea 5.77% 48 832
    5. Netherlands 2.13% 16 751
    6. Brazil 2.00% 166 8300
    7. Germany 1.83% 82 4481
    8. France 1.50% 60 4000
    9. United Kingdom 1.31% 59 4504
    10. Australia 1.21% 19 1570
    11. Mexico 1.19% 95 7983
    12. Spain 1.05% 41 3905
    1. Re:Population Adjusted Values: by mumblestheclown · · Score: 4, Informative
      I updated and fixed the numbers a bit and added another column for number of internet users and recomputed the scores.

      While I don't want to claim that this sort of back of the envelope estimate is truly explanatory, it does suggest, for example, that Germany and the UK have been quite effective while other places have not. Again, the last column is a score, where lower is better.

      1. United States 56.74% 294 518 186 328
      2. Canada 6.80% 32 471 17 250
      3. China (& Hong Kong) 6.24% 1327 21266 80 1,282
      4. South Korea 5.77% 48 832 26 451
      5. Netherlands 2.13% 16 751 11 516
      6. Brazil 2.00% 166 8300 14 700
      7. Germany 1.83% 82 4481 45 2,459
      8. France 1.50% 60 4000 22 1,467
      9. United Kingdom 1.31% 59 4504 35 2,672
      10. Australia 1.21% 19 1570 13 1,074
      11. Mexico 1.19% 95 7983 10 840
      12. Spain 1.05% 41 3905 14 1,333
  37. Does anyone know what metric? by Asprin · · Score: 4, Insightful


    Does anyone know what metric was used to determine these rankings? Was it "country where the first SMTP transfer originated"? Was it "office address of the dude typing in the text of the spam"?

    I hate it when dudes publish 'findings' and don't explain how they got them. So much for the scientific method and reproducibility -- they could have made the whole thing up!

    [**NOTE** I am not saying they did make the numbers up, but as a matter of journalistic and scientific integrity, when you publish the results and don't publish the method used to determine those results, your cannot be evaluated as anything other than opinion. We're after facts, here, people, not truth. /RANT]

    --
    "Lawyers are for sucks."
    - Doug McKenzie
  38. ISPs, please block egress port 25! by RT+Alec · · Score: 5, Insightful

    I think it is time that ISPs block, by default, all outbound port 25 traffic. Customers can either:

    • Use the ISPs mail server (this accomodates 90% right away)
    • Use a VPN or SMTP+AUTH(+SSL) on an alternate port to connect to their SMTP server of choice (this accomodates another 9%)
    • For the remaining few that just have to run their own SMTP server, let them have a static IP and open up the ports
    Of course, some consumer ISPs won't be willing to deal with the headaches of option #3, or perhaps might charge a bit more for it, which is entirely fair. Businesses need to block all egress port 25 period, there is rarely a legitamate need for an employee to run their own SMTP server (unless they work in the IT department, but then they can probably open the port up themselves).
  39. The units of measure in spam suggest USA by tetranz · · Score: 5, Funny

    Its always inches or pounds.

    I've never received anything promising to add centimeters or lose kilograms.