U.S. is World Leader in Spam 398
adept256 writes "Sophos outs 'dirty dozen' spam producing countries. And the USA is in the lead by a country mile. 'The United States is far and away the worst offender, accounting for nearly 60 percent of the world's spam. Even though European countries are responsible for less spam, they are still generating millions of junk emails a day,' said Graham Cluley, senior technology consultant at Sophos."
So much for the AXIS OF EVIL... (Score:5, Funny)
Re:So much for the AXIS OF EVIL... (Score:5, Insightful)
Re:So much for the AXIS OF EVIL... (Score:5, Interesting)
A NEW UNCOVER SECRETS ABOUT ANYONES!! teheknfd (Score:5, Insightful)
I agree. Just looking at the horribly butchered English that is in 95% of the spam that I get tells me that it not written by someone who's first language is English.
Re:A NEW UNCOVER SECRETS ABOUT ANYONES!! teheknfd (Score:5, Funny)
Like you, say?
Re:A NEW UNCOVER SECRETS ABOUT ANYONES!! teheknfd (Score:3, Funny)
Re:So much for the AXIS OF EVIL... (Score:3, Informative)
Re:So much for the AXIS OF EVIL... (Score:4, Funny)
Re:So much for the AXIS OF EVIL... (Score:5, Insightful)
RTFC, 60% of spam comes from the US, but there are more computers outside the US than inside, that means that the claim that the US is only so high because it has so many computers is provably wrong.
Re:So much for the AXIS OF EVIL... (Score:3, Insightful)
Re:So much for the AXIS OF EVIL... (Score:5, Informative)
Re:So much for the AXIS OF EVIL... (Score:3, Informative)
1) The data from that graph appears to be from 2000 (the Computer Industry Almanac confirms [c-i-a.com] this, though I give no representation of their accuracy). I imagine that world wide computer usage has grown at a comperable (if not greater) rate than US usage in the interim.
2) You seem to be implying that the statement "there are more computers outside the US than inside" is false. From your graph, the US contains 161,000,000 computers of 427,270,000 world wide, or under 38% of the world's compute
Re:So much for the AXIS OF EVIL... (Score:3, Insightful)
Why has this degenerated in to an excuse fest?
Nigeria? (Score:4, Insightful)
Re:Nigeria? (Score:5, Funny)
Re:Nigeria? (Score:3, Funny)
And just in time to pay for your penis enlargers.
Re:Nigeria? (Score:5, Informative)
The report isn't really valid (Score:5, Insightful)
And then there's the thing they themselves point out; their methods of determining origin only go so far, hijacked machines / email routers configured to "wash" the headers of relayed stuff also go a long way to making the numbers invalid.
I still say the ultimate revenge is to paper-spam the big spammers. Sign them up for hundreds of thousands of magazines and all the rest.
The coup de grace would be then to package and mail a spammer the contents of my cats' litterbox the day after feeding them beef 'n' bean leftovers.
Re:The report isn't really valid (Score:5, Insightful)
And how do you suppose is this *not* spam of US origin?
While the author of the email might not be American, the domain and the sysadmin certainly are.
If someone is using Hotmail or Yahoo to whap out zillions of spams, I see that of evidence of an incompetent systems administration in exactly the same way that I'd see someone failing to secure their mail relays in China, and as such, I'd expect that domain to be held accountable for it.
While they're at it... (Score:5, Insightful)
That way, Sophos themselves might produce a little less spam...
Re:While they're at it... (Score:3, Interesting)
Graham Cluely is an excellent shaman of the press and always seems to get Sophos' name into the hardcopy press - in the UK at least. He did the same for Dr Solomon before McAfee swallowed them up...
Its no supprise. (Score:5, Insightful)
Re:Its no supprise. (Score:5, Insightful)
I was born and raised in the U.S., but some of the scams I see just sicken me and the lengths people will go to to make a quick buck. Some people will even take advantage of their friends and family! Who needs enemies when your own brother or sister is trying to guilt you into their latest multi-level marketing endeavor.
Re:Its no supprise. (Score:4, Funny)
ISPs, please block egress port 25! (Score:5, Insightful)
I think it is time that ISPs block, by default, all outbound port 25 traffic. Customers can either:
- Use the ISPs mail server (this accomodates 90% right away)
- Use a VPN or SMTP+AUTH(+SSL) on an alternate port to connect to their SMTP server of choice (this accomodates another 9%)
- For the remaining few that just have to run their own SMTP server, let them have a static IP and open up the ports
Of course, some consumer ISPs won't be willing to deal with the headaches of option #3, or perhaps might charge a bit more for it, which is entirely fair. Businesses need to block all egress port 25 period, there is rarely a legitamate need for an employee to run their own SMTP server (unless they work in the IT department, but then they can probably open the port up themselves).Re:Its no supprise. (Score:3, Informative)
According to the article, 30% of the spam comes from trojaned boxes sending through their owners ISPs.
-- this is not a
Why am I not surprised (Score:5, Interesting)
If you're not blacklisting from Spamhaus's SBL+XBL of spam outfits & open relays, and dialup pools, those ones are natural things to start blocking on connect.
Re:Why am I not surprised (Score:5, Informative)
Re:Why am I not surprised (Score:3, Insightful)
That was hopeful news, but I haven't seen a big drop in 419 scam mails. I am still getting one or two each day...
I started notifying the providers that their reply email accounts are with. The sooner those are shutdown, the less opportunity for their victims to get through a reaction.
If anyone has another suggestion to make life difficult for them I'd like to hear it!
Re:Why am I not surprised (Score:5, Funny)
Re:Why am I not surprised (Score:5, Interesting)
There are a bunch of network operators tracking the technical guys, who buy up space in Colo's to house their scam sites and ADSL connections for the apartments where the scammers operate from. Mostly they use hijacked machines spread all around the internet for their relay points and temporary (30-90 minutes) websites, but those tend to be controlled from a few central servers. These are scary people to deal with, the Albanians have a nasty reputation of just killing anyone who might cross them. We were warned repeatedly by the police to not confront them, but take notes and let the police deal with it. There are dozens of unsolved murders blamed on the Albanians, including some from the 419 scam gangs.
In the Benelux area, we're glad the police finally did their job, even though the investigation took more than a year. Now its the poor Spanish police's turn, and the scammers know they don't have an effective high-tech group. So expect the 419 scams to continue to grow.
Still, Clueleyless is right about most spam coming from US sources, despite their using hijacked machines all around the world. I haven't seen a spam recently that didn't have a US oriented payment method, US phone number, US mailing address. Its American spammers targeting American victims, and American law enforcement is afraid to do anything about it. I can't remember the last time, if ever, I saw a French, Spanish, Portuguese, or Dutch language spam. Or one in Euros.
the AC
Phear Canada (Score:5, Funny)
While you Americans are spamming the world, we Canucks are gulping down herbal viagra, slathering growth cream on our willies and Making Money Fast.. Laugh at us, will you?!
Much from compromised computers (Score:5, Interesting)
Aside from the absence of Russia, the only thing I find surprising about the list is the high position of Canada - second, 6.8%. Given Canad's relatively small population, that must make them the leader in spam-per-capita - an unpleasant distinction.
Re:Much from compromised computers (Score:5, Funny)
Actually, that'd be a damn good title for a movie.
Hey, it's Friday, cut me some slack.
Re:Much from compromised computers (Score:4, Funny)
canada's population (Score:5, Interesting)
I looked at it as I wondered whether the Netherlands (16 million) would win in the spam/capita contest. Nah, canada wins. 3x the spam, 2x the population.
Reinout
Re:Much from compromised computers (Score:5, Insightful)
Re:Much from compromised computers (Score:4, Interesting)
I sent them a log of IPs pinging my firewall, trying to connect using NetBUI, trying to pop-up net msgs, etc. I stated somewhere in the msg that my firewall was constantly writing ot the log from all the hits. A LOT of the IPs were from within the Shaw set of IP addresses.
The response?
"this is a common problem, turn off the logging in your firewall".
Turn off my logging? How does that stop the hits?
Re:Much from compromised computers (Score:3, Interesting)
(x) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work.
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
( ) Micr
Re:Much from compromised computers (Score:5, Interesting)
Not so surprising, the figure is not really out of whack. While the population is a little more than one tenth - 32 million vs 292 million - higher internet usage levels, especially broadband penetration probably accounts for some of why the Canadian figure is not closer to the 5.7 - 5.9% that you might expect. As other posters have noted, normalizing the data would have helped make more sense of the of the numbers that they present. At any rate, it is safe to assume that too many Canadians and Americans do not secure their computers properly if compromised machines account for so much of the spam.
No.1 sender and hardest to block (Score:3, Insightful)
However so many European companies use the
I wish that the USA had a TLD that was only used there - it would make things so much easier...
Re:No.1 sender and hardest to block (Score:3, Informative)
Re:No.1 sender and hardest to block (Score:4, Interesting)
Re:No.1 sender and hardest to block (Score:3, Insightful)
What about English speakers living in those countries who might want to contact you in English? Right now, they email you and get a snarky reply saying you don't understand Spanish. Great, but they actually wrote in English. Your patronising assumption that everyone else is as monolingual as you is doing nobody any favours.
well... (Score:3, Funny)
Re:well... (Score:5, Funny)
When was this sample taken? (Score:5, Insightful)
I also wonder if there is any way to bring the issue of unprotected computers to the public. Perhaps negligence penalties of some sort? I don't want to punish the wrong people, but it would be a lot harder to hack into all of these systems if they were administered properly.
Spam from US servers (Score:4, Insightful)
I would have sworn it was CN, TW, KR and similar (Score:3, Insightful)
I guess, with the 'spam mafia' installing these zombies on Grandma's computer, the countries with the largest population of lusers online will be the larger sources of spam.
Re:I would have sworn it was CN, TW, KR and simila (Score:5, Informative)
How about normalizing that data? (Score:5, Insightful)
Without having some idea of what fraction of a country's email traffic is spam, these numbers just tell you which countries have a bigger internet presence, and absolutely nothing more.
Re:How about normalizing that data? (Score:3, Informative)
it isn't a case of "one spam for every x legitimate emails"
the number of spam emails and legitimate emails are completely unrelated.
Wrong (Score:5, Insightful)
Read the response by the second guy to respond to me. Both legitimate and illegitimate email are going to track with the number of total servers (scaled by how many are unprotected) and number of internet-connected citizens (scaled by how many are internet-connected) among other variables he mentioned.
I mean, actually think about what you're saying. You would congratulate Antarctica for generating 0 spam. If you want to look at this without considering "ham" emails, look at the spam difference - (spam sent = spam received). I would argue that even this difference should be fractioned by how many total emails are sent received which really is a decent measure of internet presence, but even without it, you at least separate net spam "donors" from "recipients"
Honestly, if you don't normalize variables in comparing large sample sets with small, you absolutely cannot compare raw numbers. I could recommend statistical reference texts if you like.
Re:Wrong (Score:3, Insightful)
Those two variables will correlate highly, and it's easier to count emails than servers.
Re:How about normalizing that data? (Score:5, Interesting)
Re:How about normalizing that data? (Score:4, Interesting)
That's an interesting take, and if true it's the only take-home lesson - that over half of US spam is generated from within.
However, to look at this from yet another angle, who's "responsible" for spam - the sender or the asshat who left his server open? And which are they tracking? (I'm presuming servers).
I'd like to see a split of legal and illegal spam, ie cases where a server was or wasn't hijacked. I'd also like to see spam as a total fraction of a nation's mail - sent and/or received.
I thought as much (Score:3, Funny)
Re:I thought as much (Score:5, Funny)
And to prove it, you have a wonderfully syntactically challenged President.
Misunderestimated
The inhabitants of Greece are Grecians.
This doesn't bode well... (Score:5, Funny)
Luckily, I'm British and we're only number 9 on the list
John.
Re:This doesn't bode well... (Score:3, Funny)
Poor research... (Score:5, Interesting)
Only two days of research is a lame attempt at a research project.
For all we know, those responsible could alternate source every other week, thus invalidating this 'insightful' conclusion.
Also, the article fails to mention how they are so positive of the origin. Who knows how many open relays the spammers use.
I'd believe an article that indicates that the US has more open relays than any other country, as I would venture a guess that it's relative to total number of computers wired to the net.
my 2c
Statistics, my dear Watson. (Score:4, Interesting)
The probability of a statistically significant number of spammers just happening to have said, "Let's use all our *US* zombies!" this particular day and then deciding the day after the study, "You know what, let's all go back to our Salmnonian zombies!" is so preposterous as to be humorous. It would be like having a majority of US voters wake up and decide for two days to vote for the Green Party candidate, then all of them switch back right after the primary. (If it were a small sample size, this could happen, but for a large sample size, it is *far* less likely.)
Re:Statistics, my dear Watson. (Score:3, Insightful)
I just have a problem with spouting information when the sample was only over a period of two days. It reminds me of what some of the people that I work with call facts, when in fact they miss the big picture by
Re:Poor research... (Score:3, Interesting)
Of course, because there is large number of computers (and poor anti-spam laws), the US will have large number of poorly maintained computers.
I just made some research about spams I have received this month, and according to it, the top ISP list looks like following:
(Based on AS numbers, names from whois db).
Blame Russia (Score:4, Funny)
Well just dont let GWB learn of this, just what we need him to do, start a new cold war over spam. It be his newest attempt to revitalize the economy.
Duh.. (Score:5, Funny)
Are you Corn Fed? [ebay.com]
Made in America (Score:5, Funny)
Wow... when I see my next ad for "enlargment pills" I'll smile with delight that the ad I'm looking at was made in America...
Did I mention that by smile I mean Be menacingly overcome... and by delight I actually mean rage... sweet glorious rage.
Another reason for my heart to swell with pride for my country
So... (Score:5, Insightful)
This isn't a troll (despite sounding like one).
I'm very upset that my mail server, a very well maintained with a plethora of spam and virus filters, is blocked by asshat american sysadmins "just because we're spammers".
Re:So... (Score:3, Informative)
percentage of spam/number of IP address in a country.
My guess is that number is fairly high for Brazil. As for the "blocked by asshat american sysadmins" most people are using spamassassin and other score based spam tools these days, not simple IP blocking. I don't get much legit email from Brazil (I don't think I ever have), so if I do it's more than likely spam. Giving it a spam score to reflect that seems perfectly acceptable. As far as those that do simple IP blocking, it'
Re:So... (Score:3, Interesting)
I will give you a counter-example. I do not block IP blocks from Argentina becaus
Re:Only temporary (Score:3, Insightful)
Which is why SPEWS increases the listing to encompass nearby IPs once the ISP has shows they are willing to tolerate spam. If an ISP is spam-friendly, then any email from their network has an increased probablity of being spam. SPEWS is essentially a quarantine of spam-infected areas of the 'Net.
Complaints about Outsourcing? (Score:4, Funny)
An idea for curbing spam? (Score:5, Insightful)
Assuming we ever have laws in place which state that genuine opt-in lists are the only valid way to advertise products then we still cannot sue the spammers who send junk to harvested addresses because of the problems involved with tracing them.
Tracing spammers is difficult/sometimes impossible because any computer on the internet can runs its own SMTP server to send mail to anywhere on the net. 10 years ago when the net was more innocent and less commercially corrup, this was fine, but nowadays this is just too powerful.
The problem is, if some clueless person (which probably accounts for 80% of net users) has their machine compromised by a virus or trojan than their computers are used to send out the spam, and as there are no log files the spammers are virutally impossible to trace.
Now imagine if the only way to send spam was via an approved mail server. For most of us this will be our ISPs, for the rest we will simply subscribe to one of the many official trusted ones.
Now the problem of reporting spam is a lot easier - complaints will be dealt with by the trusted mail servers who keep detailed logs of which customers have logged in to send mail, what IP address they used and at what time.
It doesn't matter if the customer deliberately sent out the spam or if they had been compromised by a trojan - the trusted mail servers can deny their customers the right to send more email until they have had an assurance from their customers that the problem has been fixed.
I'm not saying this is going to end spam altogether, but it should go a long way to curbing it.
What about all the spam which originates from, say, Nigeria or Amsterdam? Simple - unless the trusted mail server takes active steps to eradicating the spam they will no longer be trusted.
Re:An idea for curbing spam? (Score:3, Interesting)
Re:Simple Solution (Score:3, Insightful)
This is a bit too restrictive though - remember, we don't want to penalise ordinary internet users, most days I might only send 10 but some days I could quite happily send more than 50... why shouldnt I be allowed to send more? What if one of my emails was urgent and I wasn't allowed to send?
I also don't like the idea of reviewing people's email traffic (time-consuming for t
Thought this was common knowledge ? (Score:4, Informative)
Simon
what % of non-spam internet traffic is in the US? (Score:3, Insightful)
let's assume the article is correct and 60% of the world's spam is US-based. in and of itself this is meaningless. if > 60% of the net's total content originated in the US, that would make the US better than average for its spam production.
#1 spam producing state is (Score:5, Informative)
Spam obviously pays (Score:3, Funny)
Di'e s'p'a'mm--'ers --d-1e.
infinite cabbage droll bearing science foot kingdom allow new rock garden trying gracefully space engine.
Spamgourmet to the rescue (spam - /dev/null) (Score:5, Informative)
The service is free and offers a couple of other neat features. I've been using it for about a year and it's been very reliable.
Highly recommended.
Heiko
My experience: China and Korea are the worst (Score:3, Insightful)
If anyone knows a contact at chinanet.net where you can actually reach an administrator (or, better yet, one that speaks English), that would be a very useful thing to have...
More statistics I'd like to see (Score:4, Interesting)
For example, on a typical mail day lately, I seem to be getting around 100 messages in one of my mailboxes, not counting Windows worms and related crap. Here's my breakdown, based only on
I'd be curious to see these numbers for a more global sampling of email. It seems unlikely that anyone would be in a position to provide them, though.
Huh? (Score:3, Insightful)
Wait, so all of us are responsible for the actions of these spammers? The "United States" itself doesn't spam, spammers do. Perhaps it should have been:
60 percent of the world's spam comes from spammers in the Unitied States.
I believe the guilt would lay correctly with the spammers in this phrasing.
USA!!!! USA!!!! USA!!!! USA!!!! (Score:4, Funny)
Yeah, the U.S. is the leader in spam right now... (Score:5, Funny)
Spam per capita - the numbers favor Canada (Score:3, Interesting)
If you normalize by population Sophos's reported national spam percentages things look pretty different. The scores are no longer so lopsided, and the winner is ... Canada?
COUNTRY.....PERC...........POP....PERC./POP.Canada.......6.80......32207113...2.1113e-07
US..........56.74.....290342554...1.9542e-07
Netherlands..2.13......16150511...1.3188e-07
South_Korea..5.77......48289037...1.1949e-07
Australia....1.21......19731984...6.1322e-08
Spain........1.05......40217413...2.6108e-08
France.......1.50......60180529...2.4925e-08
Germany......1.83......82398326...2.2209e-08
UK...........1.31......60094648...2.1799e-08
Mexico.......1.19.....104907991...1.1343e-08
Brazil.......2.00.....182032604...1.0987e-08
China........6.24....1286975468...4.8486e-09
Re:Spam per capita - the numbers favor Canada (Score:3, Interesting)
One-Third of all Spam due to Windows Security Failures
Just a guess, but Canada's broadband penetration rate (2nd worldwide) and the usual number of Windows users found anywhere translates to their high ranking, in my humble opinion, due to trojan-related control of these unprotected boxen.
From the article:
"
money, money, money (Score:5, Funny)
Population Adjusted Values: (Score:5, Insightful)
That said, hopefully this study (not my little humor below, the sophos study) begin to, ever so slightly, shut up those people who claim that spam laws are useless because they will just drive spammers from one locale to the next. while this is true at the margins, the fact is that spam, like all business, is foremost local.
Re:Population Adjusted Values: (Score:5, Informative)
While I don't want to claim that this sort of back of the envelope estimate is truly explanatory, it does suggest, for example, that Germany and the UK have been quite effective while other places have not. Again, the last column is a score, where lower is better.
Anonymous Proxies (Score:3, Insightful)
I personally find the web variety very useful to browse Slashdot, since Slashdot banned a large IP range in which I belong, due to some a-hole using scripts targetting this site.
I equate Anonymous Cowards with Anonymous proxies in that they enable trolls, offtopics and first-posters.
I find irony in that for all the anti-spam stance promoted by the slashdot editors and slashdotters in general, this site cant seem to find an uber-geek technical solution to thread-spamming here.
Does anyone know what metric? (Score:5, Insightful)
Does anyone know what metric was used to determine these rankings? Was it "country where the first SMTP transfer originated"? Was it "office address of the dude typing in the text of the spam"?
I hate it when dudes publish 'findings' and don't explain how they got them. So much for the scientific method and reproducibility -- they could have made the whole thing up!
[**NOTE** I am not saying they did make the numbers up, but as a matter of journalistic and scientific integrity, when you publish the results and don't publish the method used to determine those results, your cannot be evaluated as anything other than opinion. We're after facts, here, people, not truth.
The units of measure in spam suggest USA (Score:5, Funny)
I've never received anything promising to add centimeters or lose kilograms.
A Workable Solution to SPAM (Score:3, Insightful)
Most SPAM is trying to sell us something. Why not go after the business itself using local and state laws and IRS audits.? If the local fire department finds a coffee pot on a frayed extension cord, shut the building down for a month. That sort of thing. At the end of the month, let the IRS step in with a detailed audit, then the state labor practices agency for worker safety issues. Give those bureaucrats some raw meat to chew on and maybe they'll leave the rest of us alone.
Word will soon go out that spamming makes life very unpleasant.
Re:Let me be the first to say... (Score:4, Funny)
P.S. Don't use the To: field when there is a perfectly good BCC: field that will do
Re:Who Is Surprised By This? (Score:5, Insightful)
Dream on sunshine. Ever heard of the Roman Empire? Greeks? British? Germans? Even the French were more powerful in their day. You have some of North America, a little in the Middle East, and not a lot more. The greatest spammer in the history of mankind is not really an accolade to stand in the history books. In time, people will look back and say 'So they were number 1 in a well contended field for a short time... so what?'. You got a way to go yet sunshine. Don't think that one half-assed victory in the middle will make the emperors of old start saying 'Fuck me, wish we'd had that 'e-mail spam' thing to go along with our might legions'.
Damn I just realised I got trolled properly there.
Re:Who Is Surprised By This? (Score:4, Interesting)
You didn't refute any of part of my statement you quoted. We ARE the richest, most powerful, and most prosperous. There's really no debate there.
BZZZT! Wrong! (Score:5, Informative)
Your own explanation demonstrates perfectly that you are the one who doesn't know what the national debt is.
Simply stated, the national debt is what taxpayers owe the treasury for purchases made by the government. When the amount of money spent by the government exceeds the amount of tax money collected, you have a budget deficit. The national debt is the total amount, plus interest, owed to the treasury.
It has nothing to do with international trade. I believe what you are refering to is called a "trade deficit".
Re:BZZZT! Wrong! (Score:4, Insightful)
Could you please learn basic economic terminology before posting? The national debt is the money owed by the US treasury to holders of US bonds, some of whom are foreign and many of whom are not.
Now, please to close mouth and open books. Thank you
Re:ISP's blocking insecure system on their network (Score:3, Informative)
Once a week or so we turn on ntop for a few minutes and have a quick peek at who is moving what, if we notice any clients doing any outgoing scans on known virus ports we block them at the routers until they call in and clean the PC.
Once a month we'll scan the network with nmap to see what ports people are listening on.
Our mail servers scan incoming mail for viruses, if we