U.S. is World Leader in Spam 398
adept256 writes "Sophos outs 'dirty dozen' spam producing countries. And the USA is in the lead by a country mile. 'The United States is far and away the worst offender, accounting for nearly 60 percent of the world's spam. Even though European countries are responsible for less spam, they are still generating millions of junk emails a day,' said Graham Cluley, senior technology consultant at Sophos."
Connection.... (Score:0, Interesting)
Why am I not surprised (Score:5, Interesting)
If you're not blacklisting from Spamhaus's SBL+XBL of spam outfits & open relays, and dialup pools, those ones are natural things to start blocking on connect.
Need legal backing (Score:1, Interesting)
This needs doing anyway...
I don't understand why this is SO difficult !!!!
Much from compromised computers (Score:5, Interesting)
Aside from the absence of Russia, the only thing I find surprising about the list is the high position of Canada - second, 6.8%. Given Canad's relatively small population, that must make them the leader in spam-per-capita - an unpleasant distinction.
Re:Its no surprise. (Score:1, Interesting)
It's those MS machines on broadband that are hacked into spamming zombies.
Poor research... (Score:5, Interesting)
Only two days of research is a lame attempt at a research project.
For all we know, those responsible could alternate source every other week, thus invalidating this 'insightful' conclusion.
Also, the article fails to mention how they are so positive of the origin. Who knows how many open relays the spammers use.
I'd believe an article that indicates that the US has more open relays than any other country, as I would venture a guess that it's relative to total number of computers wired to the net.
my 2c
Question (Score:0, Interesting)
Re:How about normalizing that data? (Score:2, Interesting)
Number of computers on internet
NUmber of computers with high speed internet
Number of computers with upto date antivirus and patches
you get the picture
with a little more indepth research i think you have an excelent analysis of the spam epidemic and maybe be even able to more effectively battle it if we had the right statistics.
Re:How about normalizing that data? (Score:5, Interesting)
canada's population (Score:5, Interesting)
I looked at it as I wondered whether the Netherlands (16 million) would win in the spam/capita contest. Nah, canada wins. 3x the spam, 2x the population.
Reinout
Re:Much from compromised computers (Score:5, Interesting)
Not so surprising, the figure is not really out of whack. While the population is a little more than one tenth - 32 million vs 292 million - higher internet usage levels, especially broadband penetration probably accounts for some of why the Canadian figure is not closer to the 5.7 - 5.9% that you might expect. As other posters have noted, normalizing the data would have helped make more sense of the of the numbers that they present. At any rate, it is safe to assume that too many Canadians and Americans do not secure their computers properly if compromised machines account for so much of the spam.
Re:No.1 sender and hardest to block (Score:4, Interesting)
Re:How about normalizing that data? (Score:4, Interesting)
That's an interesting take, and if true it's the only take-home lesson - that over half of US spam is generated from within.
However, to look at this from yet another angle, who's "responsible" for spam - the sender or the asshat who left his server open? And which are they tracking? (I'm presuming servers).
I'd like to see a split of legal and illegal spam, ie cases where a server was or wasn't hijacked. I'd also like to see spam as a total fraction of a nation's mail - sent and/or received.
The US is the world leader... (Score:2, Interesting)
Unfortunately, I can't afford to leave this damned country. If I could... I would. But, I have a duty to others of my kind who also feel trapped here. That duty is to try an get people who are on the fence to see the light and join our side in changing the direction that things have gone in. Trust me people, I'm willing to fight to get my country back if need be.
Re:So much for the AXIS OF EVIL... (Score:5, Interesting)
More statistics I'd like to see (Score:4, Interesting)
For example, on a typical mail day lately, I seem to be getting around 100 messages in one of my mailboxes, not counting Windows worms and related crap. Here's my breakdown, based only on
I'd be curious to see these numbers for a more global sampling of email. It seems unlikely that anyone would be in a position to provide them, though.
Re:An idea for curbing spam? (Score:3, Interesting)
Re:Who Is Surprised By This? (Score:2, Interesting)
Statistics, my dear Watson. (Score:4, Interesting)
The probability of a statistically significant number of spammers just happening to have said, "Let's use all our *US* zombies!" this particular day and then deciding the day after the study, "You know what, let's all go back to our Salmnonian zombies!" is so preposterous as to be humorous. It would be like having a majority of US voters wake up and decide for two days to vote for the Green Party candidate, then all of them switch back right after the primary. (If it were a small sample size, this could happen, but for a large sample size, it is *far* less likely.)
Spam per capita - the numbers favor Canada (Score:3, Interesting)
If you normalize by population Sophos's reported national spam percentages things look pretty different. The scores are no longer so lopsided, and the winner is ... Canada?
COUNTRY.....PERC...........POP....PERC./POP.Canada.......6.80......32207113...2.1113e-07
US..........56.74.....290342554...1.9542e-07
Netherlands..2.13......16150511...1.3188e-07
South_Korea..5.77......48289037...1.1949e-07
Australia....1.21......19731984...6.1322e-08
Spain........1.05......40217413...2.6108e-08
France.......1.50......60180529...2.4925e-08
Germany......1.83......82398326...2.2209e-08
UK...........1.31......60094648...2.1799e-08
Mexico.......1.19.....104907991...1.1343e-08
Brazil.......2.00.....182032604...1.0987e-08
China........6.24....1286975468...4.8486e-09
Re:While they're at it... (Score:3, Interesting)
Graham Cluely is an excellent shaman of the press and always seems to get Sophos' name into the hardcopy press - in the UK at least. He did the same for Dr Solomon before McAfee swallowed them up...
Re:Who Is Surprised By This? (Score:4, Interesting)
You didn't refute any of part of my statement you quoted. We ARE the richest, most powerful, and most prosperous. There's really no debate there.
Re:No.1 sender and hardest to block (Score:1, Interesting)
Comcast are the worst offenders.
Here are some IPs to block:
24.1[0-9].*.*
24.2[01].*.*
24.[0-9].*.*
67.1
67.17[0-4].*.*
68.3[2-9].*.*
68.[45]
68.6[0-3].*.*
68.8[0-7].*.*
69.13[6-9
69.140.*.*
Re:Poor research... (Score:3, Interesting)
Of course, because there is large number of computers (and poor anti-spam laws), the US will have large number of poorly maintained computers.
I just made some research about spams I have received this month, and according to it, the top ISP list looks like following:
(Based on AS numbers, names from whois db). One thing I noticed was that there were no significant difference in time of day when spam messages arrived, flow is steady throughout day and week.
Quite interesting, however, is the fact that I get most of virus emails from Europe (Italy and France).
Re:Spam per capita - the numbers favor Canada (Score:3, Interesting)
One-Third of all Spam due to Windows Security Failures
Just a guess, but Canada's broadband penetration rate (2nd worldwide) and the usual number of Windows users found anywhere translates to their high ranking, in my humble opinion, due to trojan-related control of these unprotected boxen.
From the article:
"
Re:Why am I not surprised (Score:5, Interesting)
There are a bunch of network operators tracking the technical guys, who buy up space in Colo's to house their scam sites and ADSL connections for the apartments where the scammers operate from. Mostly they use hijacked machines spread all around the internet for their relay points and temporary (30-90 minutes) websites, but those tend to be controlled from a few central servers. These are scary people to deal with, the Albanians have a nasty reputation of just killing anyone who might cross them. We were warned repeatedly by the police to not confront them, but take notes and let the police deal with it. There are dozens of unsolved murders blamed on the Albanians, including some from the 419 scam gangs.
In the Benelux area, we're glad the police finally did their job, even though the investigation took more than a year. Now its the poor Spanish police's turn, and the scammers know they don't have an effective high-tech group. So expect the 419 scams to continue to grow.
Still, Clueleyless is right about most spam coming from US sources, despite their using hijacked machines all around the world. I haven't seen a spam recently that didn't have a US oriented payment method, US phone number, US mailing address. Its American spammers targeting American victims, and American law enforcement is afraid to do anything about it. I can't remember the last time, if ever, I saw a French, Spanish, Portuguese, or Dutch language spam. Or one in Euros.
the AC
Re:Much from compromised computers (Score:4, Interesting)
I sent them a log of IPs pinging my firewall, trying to connect using NetBUI, trying to pop-up net msgs, etc. I stated somewhere in the msg that my firewall was constantly writing ot the log from all the hits. A LOT of the IPs were from within the Shaw set of IP addresses.
The response?
"this is a common problem, turn off the logging in your firewall".
Turn off my logging? How does that stop the hits?
Re:So... (Score:2, Interesting)
Every few weeks I'd open it back up and see what happened. Sure enough, very large numbers of port scans and attempts to see if my servers had been Zombified. E-mails with firewall logs sent to the abuse addresses for those IPs did nothing, so back into the block list they went.
I have to admit, I was fascinated by the question: Why is this particular ISP in Brazil such a haven for these types of attacks? I never found an answer to that, though. But it was bizarre to me that our network was scanned more times by Brazil than everywhere else combined.
Re:So... (Score:3, Interesting)
I will give you a counter-example. I do not block IP blocks from Argentina because I always received prompt replies from the Argentinian ISPs. And I don't receive spam from Argentina any more. The ISPs in Argentina, as a rule, do not permit spam to originate on their networks. The whole country benefits because of this policy. (Well, if you call being able to sent me email a benefit. ;-)
Blocking IPs is not something I did on a whim. But it was and is highly effective in blocking a great deal of all spam delivery attempts. I recently upgraded my email server and my relay rules were not applied -- I didn't really appreciate how well those rules were working until that point. It took me less than a day to realize that something was seriously wrong.
Sorry, but those rules stay until I am convinced they are no longer needed.
Re:Why am I not surprised (Score:1, Interesting)
You might want to check out 419 Eater [419eater.com] - the people there LOVE to make scammers' lives a misery.
(Yes, I just posted this 2 minutes ago, but being the moron I am I forgot to actually give you a link).
Re:So much for the AXIS OF EVIL... (Score:1, Interesting)
No, you have more clueless "businessmen" and criminal scam artists, paying criminal spammers to use hijacked machines from all over the world to send out spam with american english spelling, for products sold to americans, priced in US dollars. And while they're at it, they spew their shit out to the rest of the world, even advertising products useless outside the US (US cable descramblers, mortgages, discount phone plans). Here in the UK my spam mailbox is filling with more than 80% of the spam being for some useless american crap, about 5% for useless european crap, 419ers, idiot MMFers (usually american) and bestiality porn ads etc. making up the remainder.
Re:Much from compromised computers (Score:3, Interesting)
(x) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work.
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(x) Huge existing software investment in SMTP
(x) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
(x) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Re:ISPs, please block egress port 25! (Score:3, Interesting)
That's the best idea I've heard since Michael Jackson and R Kelly discussed opening a daycare center.
Re:So much for the AXIS OF EVIL... (Score:2, Interesting)
That's why worms and spammer trojans often include their own SMTP server implementations.
Why can't the government do something about spam? (Score:2, Interesting)