Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. World's Foremost Spam Nation In 2004

Posted by timothy on from the then-why-is-mine-mosly-cyrillic? dept.

der Kopf writes "As reported by ZDNet, '42 percent of all spam sent this year came from the United States,' which makes the U.S. the unthreatened king of the 2004 spam hill. Number two on the list is South Korea (with 13.43%), while China can be found in third place (with 8.44%). The U.S. put out more spam this year than all the other countries in the top 12 combined." All depends who's counting, I guess.

12 of 274 comments (clear)

  1. And it's mostly coming from fucking idiots... by Anonymous Coward · · Score: 5, Interesting

    ...with owned, unpatched Windows machines sitting directly on cable or DSL connections.

    If Comcast and Verizon spent half as much on cracking down on their moron customers as they do on mailers begging me to use their Internet services, they'd have this problem under control in no time.

    1. Re:And it's mostly coming from fucking idiots... by Anonymous Coward · · Score: 1, Interesting

      My company uses Verizon DSL and we've been having a lot of problems lately due to getting dynamically assigned IP addresses that have been previously used by customers with trojaned machines. The IP addresses have been made it onto some spamming blacklists, but Verizon doesn't bother to remove them from the pool, so I find emails to customers and business partners disappearing into the ether thanks to the blacklists (unless I keep unplugging the DSL modem until I get a decent IP address). Maybe if Verizon customers start to realize why their emails aren't getting through there will be some pressure on Verizon to get off its ass and police its network...

    2. Re:And it's mostly coming from fucking idiots... by idiotnot · · Score: 2, Interesting

      I have a Verizon customer who attempts to send my mail server around 1k emails per hour. I complained to Verizon three and a half months ago. They shut the host down for about a week, then let him back...same thing. Normally, I get between 17 - 22k blocked connection attempts from ipfilter _from this one host_ per day.

      I complained again, and they didn't do anything. I really can't imagine the computer on the other end is at all usable, because it's so busy trying to send spam.

  2. A better question... by Mhrmnhrm · · Score: 3, Interesting

    How did they come up with their numbers? I can easily see the US leading because of zombified Windows machines, but where are the ISP mail relays those zombies are using?

    --
    I suspect that one of these choices is incorrect. Correct.
  3. Spamvertised web sites in China by MightyYar · · Score: 5, Interesting
    I report all my spam via Spamcop.net, and while I don't have any numbers, it seems like almost all of the spamvertised web sites reside in China.

    My understanding is that if you could close down the spamvertised sites, spam would largely be restricted to phishing attacks. If I didn't believe this, I probably wouldn't bother using spamcop!

    --
    W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
    1. Re:Spamvertised web sites in China by Zocalo · · Score: 3, Interesting
      it seems like almost all of the spamvertised web sites reside in China.

      Not for long I suspect, I do quite a bit of statistical analysis of spam and there are definitely changes in progress. Over the two years or so, there has a swing from using open relays and "bullet proof" hosted servers to actually send the spam to using compromised boxes on broadband connections. This is reflected in the report; a move from IPs in China to those in DSL pools countries with sizable adoption of broadband connectivity.

      The actual sites being spamvertised however have remained solidly in the traditional havens where ISPs with questionable anti-spam policies can be found. However, over the last few months in particular I have seen steadily growing numbers of spamvertised sites that are also being hosted in DSL pools, undoubtably on compromised boxes. From a spammer's perspective this is a no-brainer (no more hosting fees) so it's fairly obvious that this trend will continue I think.

      There are both good and bad points to this. The bad is that it makes traditional SpamCop style IP reporting almost unworkable - there are so many unpatched boxes that an ISP has no chance at dealing with them all. It was a game of Whack-a-Mole to start with, only now the number of holes that the moles can pop up from has gone up by a few orders of magnitude. The good however is that DNSBLs of the actual domains being used instead of the IPs, such as the SURBL lists, that can be generated from SpamCop submissions are *incredibly* good indicators of spam - so keep up that SpamCop reporting!

      More contentious though, is how ISPs might respond to this new spammer tactic. The simplest solution is probably going to be further restrictions on what an IP on a broadband connection can and cannot do. I expect to see more DSL services that are blocked prevented from running servers on certain ports, forced to send email through the ISP's gateway server, and possibly even outright firewalling of certain "remote access" ports like NetBIOS, RPC and so on.

      Frankly, given the rising tide of spam, ever increasing port scans bouncing off my firewall and almost total apathy of J.Sixpack in keeping his/her PC patched, I'm getting more fond of this idea every day. What I'd like to see is ISPs offering "standard" DSL packages with the kind of restrictions I mentioned above stated up front, alongside an unrestricted "premium" package - it could even cost a little extra. Alternatively, there is the middleground approach that my ISP uses: you can't run an email server by default, but send tech support and email and they'll unblock port 25 for free and periodically check that you are not running an open relay.

      One thing's for sure, if/when ISPs do respond to this latest spammer tactic, the spammers simply move the goalposts yet again. :(

      --
      UNIX? They're not even circumcised! Savages!
  4. Sure it will by rsilvergun · · Score: 2, Interesting

    as the center of the world's economy moves away from the US (which is is). Americans have way too high a Standard of Living. Worse, we've got a high SoL for most anybody here. The rich bastards of the world are busy ballancing the books and it looks like India and China (with their hugh, easily abusable populations) will come out ahead. Just give it time and the spammers won't have nearly enough Americans with more money than sense anymore, but they'll be plenty elsewhere.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  5. Re:The undisputed kings of bullshit by interstellar_donkey · · Score: 5, Interesting

    You've managed to put your finger on the biggest problem in the Western social and economic system, that corps have the same rights than humans but none of the responsibility .

    Though I don't think hitting the corporations financially as punishment really works. Large corporations will typically build in potential losses from economic punishments for misdeeds into their business model. A company may knowingly release a product they know to be unsafe, and simply put a portion of their profits aside for paying out of court settlements to victims.

    In essense, this is akin to saying that it's alright for me to go around killing people without fear of jail if I can afford to pay the victim's families a large portion of money.

    What I'd like to see is criminal charges brought on descision makers in corporations who knowingly use unsafe methods to produce a product that they know to be dangerous. In other words, a manager who makes the decision to save $0.02 on each product produced by using a less safe part won't be hedging those cost savings against the potential court costs from the families his company's product kills, he'll be hedging it against the very real possibility that he himself may face prison time for multiple murder charges.

    We cannot give large corporations exemption from responsibility on a human level. We see corporations as faceless entities, but there are always human beings behind the scenes making decisions on how that corporation acts. If we start making those humans accountable for the actions of the company for whom they make decisions, I think we'd start seeing quite a bit more safety, envrionmental and social responsibility in the corporate world.

    --
    The Internet is generally stupid
  6. Where it comes from, isn't always who its from.... by Avatar889 · · Score: 1, Interesting

    Just because all of this spam is coming from America, doesn't mean Americans are the spammers. Most of the spam, I would be willing to bet that most of that mail is from stupid Windoze users getting pwned and having their "super-fast", "always on" connections that they don't even know how to use. But take a look at who writes these viruses and stuff, they whould be the ones held accountable for all of this traffic. Also, look at the spamhaus lists or such, how many of them are American? Not many. So before all of you foreigners go on your self-righteous, America bashing campaigns, take a look at the facts and not just some bullshit those dirty, dental hygienically challenged bastards from across the pond are spewing forth.

    --
    Nullum magnum ingenium sine mixtura dementia (There is no great genius without a mixture of madness) - Aristotle
  7. Who is the real badguy? by mahesh_gharat · · Score: 4, Interesting

    Yeah, most of the spam is also US centric. It mainly contains either Via9ra or P3ni5 enlargement programs. Most of the people out side US receive these mails and some stupid amongst those who really want to purchase those products by reading the mails can not buy since most of these products even don't have distribution network outside US.

    One of my friends, who work for a US based company, which sells cigarretes online. All this guy has to do is get some working email ids and send the mail drafted by the US based company. He does this from location outside US though. This guy has written a UserAgent (Robot) which goes to Yahoo and grabs the email ids at random and mails them. Untill this it looks very bad but if you see inside they do get enough business through this channel for their survival at least. They do not have any other business channel other than this and they are doing fine.

    Even if this guy is generating the SPAM from the location outside US, he is doing it for his master sitting there in US.
    Now, who is the real badguy?

  8. U.S. head start on 2005 begins today by phillymjs · · Score: 4, Interesting

    Just after Christmas last year I noticed quite an uptick in spam attempts on my mailserver from U.S. residential broadband IPs. Clearly this was from new computers received as Christmas gifts getting quickly zombied.

    All the people who came downstairs this year to find a shiny new Dell or Gateway under the tree should be getting their machines owned by spammers right about..... now. So prepare for another post-Christmas onslaught as the spammers play with all their newly-acquired toys.

    ~Philly

  9. Re:Wrong: China is Still # by ScrewMaster · · Score: 3, Interesting

    I can believe Comcast is still #1. That's my ISP and the number of spams I get (not to mention the number of worm propagation attempts) from Comcast addresses is remarkable. Of course, they do have a lot of IPs. I do know that, in my area at least, they've implemented a policy whereby if you send more than some {undefined} number of emails within some {undefined} interval, SMTP access is suspended automatically. I know because I had accidentally set my mail server to bounce unknown messages back to the sender. Since I receive over a thousand spams a day that made me a spammer, so far as Comcast was concerned. Okay, my bad ... but Comcast couldn't be bothered to let me know what was going on. Their assumption was that I was deliberately spamming: the fact that I might have been zombied didn't seem to occur to them. All I knew was that my SMTP access had been blocked, for no apparent reason, and their tech support had no idea what was going on. I finally found a person who had a clue, and he said it would take a couple of days for my access to return automatically.

    I hear all kinds of noise about how to deal with spam from the standpoint of broadband users running as unwitting spam relays. Everything from "make it the ISPs responsibility" to "require users to get training and get a license in order to get online". What is the real solution? I don't know, but anything that requires passing a Federal law will probably cause more harm than good. Doesn't mean they won't try to pass one, though.

    Personally, I liken people that run unprotected, unpatched machines as being "bad neighbors". You know the kind: the one that lets his dog run free and crap all over your yard. Yes, I realize that most of these zombied systems are in that situation because of the ignorance of their owners. But if that neighbor started building a garage extension on your side of the property line, you wouldn't let him off the hook because he couldn't read a survey.

    People don't really think of security as being a social issue as well as a personal one. I believe that most people want to be good neighbors, and would take steps if you reported their dog taking a dump on your property. But there are hundreds of thousands, if not millions, of zombies out there whose owners have no idea that their systems are crapping in everyone's back yard. Somehow, we need to close the loop on these people so they a. know that they've been taken over and b. give them easy, effective steps to take care of the problem. Tall order, I know. Comcast is heading in the right direction with their policy, but they need to let people know when they've been disabled, and why. Maybe they are now, I don't know.

    --
    The higher the technology, the sharper that two-edged sword.