US and China Top List of Spam-Relaying Countries
jcatcw writes "On Thursday Sophos released a new set of global statistics pointing out the biggest spam relaying countries in the world. Topping the list between April and June of this year were the US and China. 'Sophos senior security consultant Carole Theriault said that while the U.S. remains the top spam dog, the results show an urgent need for countries to join together and take global action. "Once a machine is compromised, it is often used to send out spam for a variety of campaigns," she said. "In a matter of seconds, we can see compromised systems send messages on a dozen different topics from stock scams to diet drugs." Paul Ducklin, Sophos Asia Pacific head of technology, said that spammers are ready to "borrow" any computer illegally to send e-mail regardless of the location.'"
Too bad that "Great Firewall" doesn't work both ways. Shame, really.
Always going forward, 'cause we can't find reverse.
If you want to count the EU as one country (which the EU seems to want to do for things that benefit it, but seem wont to do when the statistics are less than flattering) Europe reigns supreme:
Europe now has six entries in the Dirty Dozen, which when combined, account for even more spam-relaying than the U.S.
Monstar L
Of course they're high in the list of spam relaying countries. They are on the butt end of a lot of spam.
It's because the people in countries sending the spam know who the real ousted prince of Nigeria is.
"Live as if you'll die tomorrow." Ridiculous. You could die later today.
I expect the spam levels to match the gross national stupidity. (Measured by the number of people who have a computer and think that it is an appliance that they can use without understanding.)
From the article, it seems the list looks like this: (The article didn't bother to include an actual, readable list)
1 U.S. 19.6%
1 China 19.6%
3 South-Korea 6.5%
4 Poland 4.8%
5 Germany 4.2%
6 Brazil 4.1%
7 France 3.3%
8 Russia 3.1%
9 Turkey 2.9%
10 U.K. 2.8%
11 Italy 2.8%
12 India 2.5%
(others) 23.8%
The article states that the US and China have the exact same percentage, even though their numbers suggest that they measured in tens of percents. Isn't that a bit too much of a coincidence?
Also, they mention Europe tops the list if separate countries are lumped together; however, if I collapse the 5 (not 6) E.U. members I get this list:
1 U.S. 19.6%
1 China 19.6%
3 E.U. 17.9%
4 South-Korea 6.5%
5 Brazil 4.1%
6 Russia 3.1%
7 Turkey 2.9%
8 India 2.5%
So I wonder what country they added to Europe; Russia? Or maybe Turkey?
.... to PCs on broadband connections, is it any surprise that the countries with the widest deployment of consumer broadband will be the source of most spam?
To get the mass public to be diligent about keeping their computers zombie free, we need both positive and negative encouragement. Negative: First a notice, then a fine for "pollution/disruption" of a public space, the internet. Positive: a government site with all the free blockers/cleaners/tools you need to keep your computer malware free.
Both would be needed because the free tools are already out there, but they aren't being used by enough people because they don't care to expend the effort to be a good net citizen. On the other hand it would be wrong to fine people if you don't supply a way for them to correct their problem.
We are all just people.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
But you don't understand. In America, we're free to send spam. In China, they send spam because their government is evil.
the countries with the most bandwidth available to the general population, and which also have the greatest number of Windows installations and open mail relays, also produce the most spam. Hardly a surprising conclusion.
The higher the technology, the sharper that two-edged sword.
The U.S. is on top because of all the spambots ever since we let the unwashed come and play on the net. I can't tell you how many people I come across that have broadband connections and NO firewall or AV software whatsoever. They're all aghast when I explain what can happen when they don't have those things.
What's really scary is that companies like Verizon and Cox send out wireless gear UNSECURED and with no instructions, or at least clear instructions on how to secure the network.
But in the case of China, it's government sponsored. So there is a big difference. In every case that I've gotten Chinese spam it's from one of the ISP's mail servers there.
Yeah! We're still #1 in SPAM relaying!
How do we rank in:
1. freedom of press
2. quality of journalism (ratio of quantifiable facts vs propaganda)
3. K-12 education
4. healthcare and life expectancy
5. government oversight and accountability
6. nonfiction national security (e.g., preventing unauthorized access across our borders)
Any ideas?
As a mail provider I wouldn't be surprised that the US and China were the source of a significant chunk of spam. They (the US especially) have a LOT of email users. What I'm interested in is the ratio of good email to spam email. For instance, if the US makes up for 90% of all email sent, then is it really that bad if it makes up 25% of the world's spam? On the other hand Mexico may make up 1% of the world's email, but 90% of the email coming from there could be spam.
The volume of spam should be taken in the context of the usage of email. The RATIO of legit emails to spam is a better indicator of where the spammers are coming from than volume alone.
- Tempestdata
Does anybody know what this thing actually does? Microsoft seems to push it out often enough but does it actually do anything...?
The statistics seem to say it's just a placebo.
No sig today...
I'm glad to see no mention of Pakistan in there. It used to be one of the biggest sources of spam until recently. I work for a large ISP here and we take spam seriously. We recently started blocking all outbound emails from customers, restricting them to our state-of-the-art (Linux + Exim + SA etc.) servers. Even now, a single Spamcop report can have an offending customer's email completely blocked. Corporate user or no corporate user.
The bigger task is getting all the other ISPs in the country to agree to implement this instead of bending over backwards to please their customers and allow them to broadcast whatever their virus-infected PCs can conjure. The major technical players have formed a network-admins group which discusses such topics and so far, the response has been quite positive.
It will likely take a while before these types of policies are enforced in countries which are only just starting to get online.
Read your own article citation and look at the first graph. Penetration (percentage of internet users on broadband) is a substantially different metric from deployment (number of broadband users).
Their infamous "Great Wall" Internet censoring system can censor contents they don't want going into China, why can't they filter some of the spam coming out?
EvilCON - Made Famous by
China obviously needs more penis enhancement spam.
Sure baby, I'll give you my phone number...in Hex
Instead of just giving a top overall count of who's sending spam, how about a figure weighted by how many connected computers are in the country overall? If China sends a bit less than the USA, but the USA has 10X as many broadband connected computers, then Chinese computers are far more vulnerable to this sort of activity, and focus preventative measures there to mitigate the problem. Under those circumstances, the USA problem might be dealt with in a different way than the Chinese problem, but without this crucial information, who knows?
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
US and China are also the top two harborers of SSH and FTP attackers (dictionary and brute force script kiddies). My auth.log and vsftpd.log files are evidence of that. This also reflects in the DenyHosts statistics. (Click the 'Country' link at the top of the page.)
/* No Comment */
Maybe I could brag here a bit...
a rth.png
I live in Finland. It's not on the list. That's hardly surprising because our population of 5 million would have hard time relaying enough spam to make it there even if we tried it. However...
The broadband penetration here is around 60%, which is in the top 20 or maybe top 10 in the world. The exact figure is rather irrelevant. Let's just say that it's within a few percent compared to the other top countries. Now, look at the zoomed map.
http://www.sophos.com/images/common/misc/zombie-e
If you can find Finland, you'll notice that there's exactly one single dot on the whole map. That's Helsinki region and its about one million inhabitants. One dot there, nothing elsewhere. Compare that to - say, Portugal. It has ten million people and it's riddled with dots. Sweden has 8 million people and plenty of dots. Even taking the population into account, you could say this broadband-heavy country is practically clean of spam machines. How's that possible?
Two words: responsible ISPs. If they spot a private machine spouting 5000 e-mails every minute, they kick you out and ask you to fix your machine. Often they even provide the necessary software. Try another ISP and it will happen again. We don't want to contribute to the spam problem. At some point your tubes will be cut. Period. Also, there are quite strong laws against spamming. Definitely nothing like the US you-can-spam act but a true ban on unsolicited e-mail marketing. Therefore domestic spam is nearly inexistent too.
This is not a perfect country. No need to get into a mudflinging contest, OK? I'm just using us as an example against the assumption that broadband penetration == lots of spam relays. There is something you can do if you really want. To get on the list, there must be ISPs who are willing to turn a blind eye. We don't.
No, I don't feel my freedom of privacy violated the slightest bit if they monitor my e-mail amounts. Tunnelling and encryption are perfectly legal here. And the ISPs hardly care about the content of my actual e-mails. Keep on killing the zombies. You have my full support.
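The ISP-side check this comment describes (spotting a subscriber machine that sends mail at a machine-like rate), sketched as an added example that is not part of the original thread and not any ISP's actual tooling. The flow-record layout, the relay address and the 100-connections-per-minute limit are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

ISP_RELAY = "192.0.2.25"  # assumed address of the ISP's own outbound mail relay


def direct_smtp_offenders(flows, relay=ISP_RELAY, limit=100, window=60):
    """Return {src_ip: peak} for subscribers whose direct (non-relay) port-25
    connections exceed `limit` inside any `window`-second sliding window.
    `flows` yields (epoch_seconds, src_ip, dst_ip, dst_port) sorted by time."""
    recent = defaultdict(deque)  # src_ip -> timestamps still inside the window
    peak = defaultdict(int)      # src_ip -> highest in-window count seen
    for ts, src, dst, port in flows:
        if port != 25 or dst == relay:
            continue             # mail handed to the ISP relay is filtered there
        q = recent[src]
        q.append(ts)
        while q[0] <= ts - window:
            q.popleft()          # drop connections older than the window
        peak[src] = max(peak[src], len(q))
    return {src: n for src, n in peak.items() if n > limit}


def constructed_flows():
    """Constructed sample: an infected host, a relay user, a self-hosted MTA."""
    flows = []
    for i in range(600):         # zombie: 10 direct deliveries per second for 60 s
        flows.append((1000030 + i // 10, "198.51.100.7",
                      f"203.0.113.{i % 200 + 1}", 25))
    for i in range(3):           # ordinary customer submitting via the ISP relay
        flows.append((1000040 + i, "198.51.100.8", ISP_RELAY, 25))
    for i in range(5):           # customer running their own mail server
        flows.append((1000050 + i * 10, "198.51.100.9", "203.0.113.10", 25))
    flows.append((1000060, "198.51.100.8", "203.0.113.80", 443))  # not SMTP
    return sorted(flows)


if __name__ == "__main__":
    for src, n in direct_smtp_offenders(constructed_flows()).items():
        print(f"{src}: {n} direct SMTP connections within 60 s")
```

A sliding window is used instead of fixed one-minute buckets so that a burst straddling a minute boundary is still counted in full.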
News Flash:
The Earth is the largest spam relaying planet in the galaxy.
More at eleven.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
That doesn't make any sense. A placebo is a medicine that doesn't really fix a problem but works anyway because the person taking it thinks it does. If AV software doesn't fix a problem, it doesn't fix the problem, no matter how much you wish it did.
That wouldn't be so bad, if the first sentence had an actual subject.
Unless the subject is some kind of outfit named "On Thursday".
Users!
When a user clicks on a link and is prompted to "run or save" some executable program what should they do? Of course, if the previous message told them to "just click run" they are going to just click the Run button. At least some percentage will.
With Vista it may prompt them half a dozen times with "Are you sure?" messages, but the users are no more capable of understanding these messages than they were the original one. So they click the "Yes, I'm sure!" button over and over again.
There is no security when users can be conned into installing software they should not on their computers.
> while there at it?
It's "they're" - ie short for "they are".
I don't know if I'm alone, but I find it quite difficult to read when people get this wrong - it actually means something different, so the sentence needs another scan to figure out.
Max.
Amen. Block email from China and US and spam will be reduced dramatically. Unfortunately, the head sysadmin where I work thinks we'd get a lot of complaints if we blocked the US. The grandparent post's argument isn't entirely without merit. Because of the percentage of legit email from the US, we can't even think about blocking the US. On principle we don't block China, but we think about it.
Loose lips lose spit.
Is it too late to say "We're number 1! We're number !" oh wait...
I am not an expert. If I am misled in something, please correct me.
Seriously, either make your point in person, or realize that I made a joke. Click on the linky if you are still confused.
Always going forward, 'cause we can't find reverse.
They really should have a default block of smtp servers, UNLESS specifically requested. I think that will take care of everyone nicely, it will stop the masses who don't even know what SMTP is from running zombies, and also accommodate the people that do want to
The defaults should be sane for the masses, with options for those that don't fit in that category.
The phrase "more better" is acceptable English. suck it grammar Nazis
If all ISPs block port 25 then botnet operators would program their zombies to use whatever email settings are there on the PC and send through the ISP's relay. As long as a few ISPs block port 25 sending directly is a better strategy for spammers. When the percentage of networks blocking port 25 would get higher than some threshold sending through the ISP servers with whatever filtering it has would become a better option for the spammer and the spammer would switch. This would be much more problematic for ISPs: dealing with a massive amount of spam trying to get out of their servers (instead of directly) might overload their outgoing email services, would require huge resources in filtering outgoing mail, would create false positives with customers' legitimate outgoing mail being blocked on the way out.
So as much as blocking outgoing port 25 sounds nice and effective, it doesn't scale. On the other hand port 25 "sniffing" might be good, especially if it can lead to connecting the hijacked PCs to whoever uses them. But for this to work abuse fighters first need to abandon the idea that the most important goal is to catch the people that actually control the botnets. If a botnet is used to send spam on behalf of someone that paid someone else that hired yet another guy that paid a botnet operator for the service of using stolen resources then the one that provided the money for the operation should go to jail. And it's quite easy to determine who the advertiser is. So what's needed is to collect the data on actual spam messages going out of zombie PCs, choose those that are easier to locate, and put them in jail because they hired a criminal to work for them. If they can make excuses that they "didn't know" a crime is committed and without providing enough info to get the criminal then they should end up in jail. With just a few such cases there would be much less money flowing into spammers' pockets, and they'd be looking for another job...
China and the US are also the top Carbon Dioxide emitters! OMFG!
The EU is NOT a country and does NOT represent Europe as a whole. It is in fact a group of countries - and only represents 27 countries out of some 47 European nations! I realise not many Americans know this but the EU is not a federal nation like the US. The EU is simply a group of cooperating nations.
And as for the statistics you were referring to - it tends to be popular to view them country vs EU group but there is no such country all the same. The EU has some of the largest economies so it's more interesting than say the poorest ex-communist non-EU European nation. You could find statistics that feature European countries, and the US, versus the OECD average. That does not make the OECD a country!
This would be the only correct thing in your post - except Russia really should not be included in the European group for obvious reasons such as lacking democracy, terrible legal environment, organised crime and emerging economy status. Russia might belong to Europe for cultural, historical and geographical reasons - but not for social, political and economical reasons! Mexico is close to the US - but not exactly on even terms!