October 26, 2007 6:12 AM PDT

Report: U.S. tops list of spam-offending countries

Report: U.S. tops list of spam-offending countries
Related Stories

Security expert: Storm botnet 'services' could be sold

October 16, 2007

'Storm worm' exploits YouTube

October 10, 2007

F-Secure sees smaller botnets on the rise

October 1, 2007

China leads Asia in malicious online activity

September 20, 2007
Related Blogs

Spam, spam and more spam

October 11, 2007
The U.S. remains the world's biggest spammer, according to security firm Sophos, which on Friday released its quarterly report on the world's top spam-offending countries--dubbed the "Dirty Dozen."

The U.S. came in well ahead of its rivals, according to the report, being responsible for 28.4 percent of all spam. South Korea was second (5.2 percent), followed by China (4.9 percent), Russia (4.4 percent) and Brazil (3.7 percent).

"It seems as though a major American spammer is arrested every other week at the moment but, despite these high-profile law-breakers being put away, the U.S. continues to relay far more spam than any other nation on the planet," Carole Theriault, senior security consultant at Sophos, said in a statement.

"This level of activity can't be attributed solely to the slick operations of a few cash-hungry criminals. The problem is there are thousands of spammers using many thousands of compromised zombie computers in the U.S.," Theriault said.

The report also identified a growth in spam that contains malicious software, and the virtually overnight rise and fall of PDF spamming.

"The only way we're going to reduce the problem is if U.S. authorities invest a lot more in educating computer users of the dangers, while ensuring ISPs step up their monitoring efforts to identify these compromised machines as early as possible," added Theriault.

Marcus Browne of ZDNet Australia reported from Sydney.

See more CNET content tagged:
spammer, South Korea, spam, Sophos Plc., U.S.


Join the conversation!
Add your comment
I'm not seeing it
Not that I'm saying that there aren't hordes of scumbag Americans who are willing to clog our mail servers and mailboxes with offers for crap we don't want or need but I simply am not seeing that much spam that originates in the U.S.

At least as far as what makes it past my spam filters I'd say 90% of it comes from eastern Europe or Asia, with Russia, China, Poland & Korea being this biggest offenders. I don't know, maybe the U.S. spammers aren't as adept at making it past spam filters so I just never see their spam.
Posted by raitchison (103 comments )
Reply Link Flag
I am
Spam has become so bad that we are currently blocking or quarantining 99+ percent of all incoming messages.

And much of it is coming from the US. We track it back to Charter, Comcast, Earthlink, etc.

From a scan of some of the sending machines it appears a lot of it is coming from infected Windows home computers.
Posted by rcrusoe (1305 comments )
Link Flag
Out of Sight... out of Mind?
Just because you don't see it doesn't mean that it doesn't exist! (* GRIN *)

SPAM filters rectify nothing. They only hide the problem. Stop using your SPAM filter and then complain. Otherwise, your complaints fall on my deaf ears... just as deaf as your SPAM filters are to the SPAM floating around.

Are those filtering software reporting properly? Unless you see what's actually coming in... you have know way of knowing for sure.

Maybe they report results from only the spoofed From line and not the actual sender? (* CHUCKLE *) Maybe not? Unless you receive everything and double-check it yourself, you cannot say for sure! ( *GRIN *)

SPAM filters only HIDE spam from your view... they do ABSOLUTELY NOTHING to rectify the SPAM problem. In fact, all that they do is make it seem like less of a problem to those whom use them! (* SMIRK *)

Posted by wbenton (522 comments )
Link Flag
Russia bashing anyone?
Where are the Russia bashers advocating firewalling Russia now? The unfortunate thing about prejudice, is that not only is this misguided notion about Russia brought up everytime the article is about a Russian spammer, but its coming from people who live in the U.S. ---the world's largest spamming country.

I'm a U.S. citizen...don't get me wrong, I absolutely don't think firewalling the U.S. would do anything but harm...but some understanding of the facts would be good in any discussion.

I also rarely advocate tax..but instead of the 'everyone's a felon' mentality...we should just put a small charge on each e-mail sent. A truly small charge like .001th of a cent.

This would lead to a trivial e-mail to most people, but it absolutely disrupts the economies of spamming...they are sending out a million e-mails hoping to get one response. It suddenly doesn't become worth it...if even 1/10th of a penny is the charge for the e-mail.

Congress has heard this testimony, but they aren't leaders...they are followers, and they don't see the advantage to them, in inacting such a tax. (that wouldn't produce revenue, not much anyway, but would only disrupt the economics of spamming).

oh well...
Posted by rdupuy11 (908 comments )
Reply Link Flag
Destroying evidence
What do you do if your home has been broken into? You call the cops. You leave everything as is so they can collect the evidence that may help catch the criminal that has broken into your house. You would do it even if there's no clear evidence that anything valuable was taken. You don't want these criminals around your neighbothood, you expect the cops to do their job so that these criminals cannot continue to "work" in your neighborhood, and you help the cops by letting them get all the evidence they might find useful to do their job.

Now what do you do when someone has broken into your PC? most of us just have some "anti-virus" or "anti-malware" from some software vendor looking for these and when they find anything they just erase them. Do we call the cops? No! Do we collect the evidence? No! We destroy it! Unlike our home, we do not let law enforcement check the scene of the crime for evidence. We don't invite them to the scene of the crime. We don't allow them to collect whatever evidence might be there. We just expect them to work in the dark or to go get their own evidence! The same happens with spam. We erase it instead of collecting the evidence.

There's plenty of evidence in spam. Spam leaves a trail of money that can lead through advertiser to spammer to botnet operator. Spam headers contain info about the sending machine, so just inspecting spam headers can lead to infected machines AND connect them with the parties that paid for using them (the advertisers). I have followed one particular Israeli spammer whose spamming operation is obviously botnet-based. The few hundred messages I received from this spammer during two years come almost exclusively from consumer broadband IP space in more than 40 countries. Much of it comes from the US and western Europe. I asked several ISPs for info about the sending IP addresses. Only one replied - a local ISP from Oklahoma - and confirmed that the IP sent lots of spam and the traffic going from there shows that it's an infected PC. So what do we have in this case? An IP address identified by an ISP as an infected PC, an email message sent using the infected PC that is advertising the services of a certain Israeli government agency, and a spammer whose phone number is known, and whose services (botnet-based spam) were used by many known clients - I have a long list that includes lots of respected companies that used this spammers services. So the spammer is locatable. With this I went to the police, and they were very interested, only they could not do much with the evidence.

What I think we really need is that the software we use to protect out PCs would not destroy the evidence, but instead would collect it and make it available to law enforcement agencies around the world in standard ways that they can use to automatically analize the data and to collaborate between them, i.e. share the data, and provide cooperating law enforcement agencies in other countries with the data relevant to them in a proper way (one problem the Israeli police had with the evidence that consisted of email correspondence with an abuse team member of an ISP in Oklahoma is that they cannot use it in dourt, and bringing the person from the other side of the world to testify was not something feasible. I think this would not be a problem if there were standard procedures for transfer of such evidence that are cheap. The local police in the US could have certified that the testimony was given to them and that would be acceptable in an Israeli court at least to a certain extent).

Anyway, my main point is that instead of discarding the evidence we must collect it, give it to the cops, and have them work to gether and help each other by providing the evidence to whatever agency needs it. One way to do it is if anti-malware vendors would include reporting tools in their software. Another is if ISPs checked the traffic from suspicious machines and alert law enfocement (or act as intermediaries: alert customers that their PC might have been broken into and suggest that law enforcement be invited to collect the evidence. With the right software the "invitation" can be quite virtual, without the need of having cops come to one's home to check one's PC. We need a framework of tools that allow collection of evidence, and if we have it we can reduce the spam and the virus problem (not eliminate it, of course...) Meanwhile we our destroying the evidence and give the criminals a huge advantage over law enforcement!
Posted by hadaso (468 comments )
Reply Link Flag
US needs Roght-of-Action laws.. like exist for fax spamming.
Back when i handled my own mail (i now use the excellent FUSEMAIL.COM servers) all connections to my email servers were warned that there was a $1 charge per email for UCE.

This proved to be an effective deterrant, i somply invoiced spammers, then went to small claims court.

A similar mechanism exists for fax spam, the federal government gives consumers a "right of action" allowing any entity to sue fax spammers in local small claimes court.

This needs to be extended to email spam. The prospect of thousands of $1500 small claims lawsuits will drive intelligent spammers out of business.
Posted by disco-legend-zeke (448 comments )
Reply Link Flag
wish i could spell
Posted by disco-legend-zeke (448 comments )
Link Flag
Percentages and PC Illiterates the Cause
Percentages will probably show that the US has more PC's installed than many other countries.

Add that to the majority of PC users being PC illiterate...

Adding 2 + 2 together, you end up with the worst country being the U.S.

Now to complicate the issue, we have existing laws in place which make this illegal, but due to legal loop-holes, we cannot reverse this trend either.

Many claim we don't have enough laws, but we do. We just don't implement them properly.

Thus rather than having new laws which further limit the ability to stop this trend, we only need to re-word a few things about the existing policies which everybody is slipping through.

No need to try and entirely re-invent the wheel as it's already working and spinning... the problem is that nobody is sitting at the helm driving the vehicle properly!!!

Posted by wbenton (522 comments )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.