It has taken spammers only four months to get their botnets back up after hosting company McColo Corp. was shut down, according to statistics due to be released on Tuesday from Google's Postini e-mail security provider.
Spam volumes dropped as much as 70 percent or 80 percent overnight when San Jose, Calif.-based McColo was shut down on November 11, 2008. McColo was hosting command and control servers that were being used to send instructions--like send spam or Trojans--to bot software planted on PCs, mostly in the U.S.
By the second half of March, seven-day average spam volume was at the same volume as prior to the McColo shut down, and overall spam volume during the first quarter was up an average of 1.2 percent per day--the strongest since early 2008, Postini said. By comparison, spam grew about 1 percent per day in the first quarter of last year, which was a record high at the time.
"Spammers have essentially spent this time rebuilding their botnets," Adam Swidler, Postini product marketing manager, said in an interview on Monday.
However, the spammers appear to be using new techniques that are more resilient to ISP shutdowns, such as using peer-to-peer technology to send instructions between computers rather than having one command-and-control computer communicate with botnets, he said.
Also new is the use of location-based spam, such as e-mails touting fake news customized to the geographical location of the recipient. Other popular spam topics during the quarter continued to be related to the economy, financial markets, and layoffs, Postini said.
More information is in the Official Google Enterprise Blog.