Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malicious Spam Jumps To 3B Messages Per Day

Posted by kdawson on from the with-a-b dept.

Trailrunner7 writes "Last year saw a monstrous increase in the volume of malicious spam, according to a new report (PDF). In the second half of 2009, the number of spam messages sent per day skyrocketed from 600 million to three billion, according to new research. For some time now, spam has been accounting for 90 or more percent of all email messages. But the volume of spam had been relatively steady in the last couple of years. Now, the emergence of several large-scale botnets, including Zeus and Koobface, has led to an enormous spike in the volume of spam."

18 of 211 comments (clear)

  1. Enough about malicious spam by Anonymous Coward · · Score: 5, Funny

    What about delicious spam?

    1. Re:Enough about malicious spam by Tsar · · Score: 3, Funny

      And that's just the malicious spam! It doesn't count the dozens of helpful, well-meaning, altruistic spams I get every day from good people who care about whether I have enough hair, or I'm paying too much for prescription drugs, or my wife is completely satisfied. Bless all their hearts!

      Oh, did you mean del.icio.us spam? No, I didn't think so.

    2. Re:Enough about malicious spam by interkin3tic · · Score: 3, Funny

      What about delicious spam?

      What about it? It's slightly less fictional than unicorn bacon?

  2. Oh really? by B5_geek · · Score: 5, Insightful

    And I still see less then 1 per month in my Inbox.
    _THIS_ is the price I am willing to pay to allow Google to filter my email.

    --
    "The price good men pay for indifference to public affairs is to be ruled by evil men." ~Plato (427-347 BC)
    1. Re:Oh really? by martinbogo · · Score: 4, Informative

      Until you take into account that the total number of legitimate emails is between 100 and 300 million messages per day. Spam messages make up over 90% of the total stream, and that means untold amount of wasted bandwidth, processing time, and frankly wasted time on code needed to combat the issue.

      --
      "Don't worry about the problems you have in mathematics, I assure you mine are much greater." - Einstein c.1919
  3. Re:Users get spammed by ae1294 · · Score: 4, Funny

    I can't compile what you're trying to say without the ??? and Profit! directives.

  4. Re:Out of curiosity... by XanC · · Score: 3, Insightful

    I'd rather have my ISP not be in the business of picking through my traffic and deciding what's "good" and what's "evil". Who I talk to over my connection is my business.

  5. Re:Out of curiosity... by HungryHobo · · Score: 5, Interesting

    Because one person sending a mailshot to a hundred or so people looks a lot like a botnet.
    One person mailing their CV to 200 companies can look a lot like a botnet.
    One teenage girl telling everyone about a party can look a lot like a spammer.

    Sure if the botnet isn't well written then it'll just blast spam out of every node 24/7 but the really good ones are going to try hard to evade detection.
    Hell if you've got enough compromised PC's and you're organised as modern botnet herders are then you can collect a lot of good data on how regular users send email and make sure the nodes of your botnet avoid going far outside the curve.

  6. Re:charge for email by harp2812 · · Score: 3, Insightful

    Let me know when you find a reliable way to...
    a) Charge for email
    b) Prevent unpaid mail from being sent
    c) Prevent botnets from sending 30 free messages then stopping for the day
    d) Prevent botnets from sending a ton of paid messages using financial info on the host computer
    e) Prevent spammers from setting up a mail server that charges for messages, repeating d) and then collecting all the money.

    etc, ad nauseum.

    --
    I've found that nurturing one's Zen nature is vital to dealing with technology. Violence is pretty damn useful too.
  7. Re:Want to See Spam? by sopssa · · Score: 3, Interesting

    That's why its best to use the middle way. Have own domain and some way to quickly create a new address on it (even if they all go to same mailbox). Always use a new address for different sites and purposes. That way if one of them starts to get problems with spam, you know who sold your address and can easily disable it.

  8. Re:Want to See Spam? by rtaylor · · Score: 3, Funny

    How Gmail manages to work out what I want and do not want, and gets it right is either very clever or very chilling.

    Google has no way to know what you want. Instead, they focus on making you want what they give you.

    Seems to work well enough.

    --
    Rod Taylor
  9. Too much thinking in hex. by Anonymous Coward · · Score: 5, Funny

    Am I the only one who read this headline and thought, "59 messages a day isn't so bad?"

  10. Seriously. by aussersterne · · Score: 4, Interesting

    SPAM was the absolute bane of my existence (I have several very public email addresses that have to remain that way) until the day I finally (at at the time reluctantly) decided to run all of my mail through Gmail accounts, without exception. I had used block lists, several ISP-based filters, spamassassin post-POP3 on my own local net, and a bunch of filters, and it was eating hours a day of attending to SPAM (new filters, fixing filters, marking as spam, marking as ham) and so many CPU cycles that a dedicated box couldn't keep up. Not to mention that due to the processing overhead of all that filtering, when someone did send me a message and told me so, I'd have to tell them "I'll get it in ten to fifteen minutes." And all for a few (three, really) email queues that belong to one person and a couple assistants?

    Now I forget that SPAM exists, and my email comes in more or less instantly.

    For a decade now, Google has more or less singlehandedly kept the internet usable.

    --
    STOP . AMERICA . NOW
  11. Where's your beloved filter now? by damn_registrars · · Score: 4, Insightful

    Yeah, we can see how much of a wonderful difference all those filtering programs that are on the market today are doing for the worldwide spamming problem. That is, no difference.

    If you want to do something about the spamming problem, start looking beyond your own nose. Stop adjusting your filtering rules constantly. Pay attention to the cause of the problem - spam is an economic problem. Until something is done about the profit-motive (and the insane margins of profit) behind spam, the problem will only continue to grow.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  12. Re:Out of curiosity... by jfengel · · Score: 4, Interesting

    But it's my business to pay my ISP to funnel the bytes sent to me. If the bytes coming from your ISP are frequently evil, I'd fully support my ISP in blacklisting you, especially if it saves me money or increases my bandwidth.

    So if your ISP decides to cut yours off unless they impose some sort of anti-bot policy, I'd be in favor. And I'm perfectly willing to have my ISP do the same to me if it's what's required to play nice with their neighbors.

    If you want your ISP to be blind to your bits, and suffer the fact that they'll have to install more bandwidth and be potentially filtered (and lose customers for that, raising your prices further), be my guest. I'm willing to live with that minor invasion of privacy (cutting off obvious bots) in exchange for lower prices.

  13. Seems like incentive to rethink e-mail by LordArgon · · Score: 3, Insightful

    Given the estimation that 90% of e-mail was spam *before* a five-fold daily increase, why aren't more people/companies clamoring for a complete e-mail re-architecture? Improved filtering and new spam laws are just symptomatic fixes - the entire way we do e-mail needs to change.

    The resources wasted and stolen by spam are staggering. Eventually the economic and political incentive to adopt better e-mail protocols has to kick in; I'm just surprised it hasn't yet.

  14. Re:I have said this before... by Archangel+Michael · · Score: 3, Funny

    Your post advocates a

    ( ) technical (X) legislative (X) market-based ( ) vigilante

    I've NEVER seen all four of those checked before on a singular suggestion. SO, I will attempt to propose the PERFECT solution, which will obviously have to take into account all four options .... THIS would definitely solve the problem.

    We need to pass a law, that would create an incentive for Private Companies to generate an electric shock device that would automatically send a large electrical shock to anyone OPENING SPAM (legislation to define SPAM as broadly as possible and contain SNOPES and Chain letter provisions). The Winning company's device would be awarded the ONE day's cost of SPAM (to be determined).

    This is based on my basic premise .... STUPID should hurt.

    --
    Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
  15. Re:Out of curiosity... by wizardforce · · Score: 4, Insightful

    I'm willing to live with that minor invasion of privacy (cutting off obvious bots) in exchange for lower prices.

    That's naive. Any cost savings get funneled right into the profit machine long before you see any of it.

    --
    Sigs are too short to say anything truly profound so read the above post instead.