India churns out more spam than ever before – Sophos report

16 Oct 2012

Once again, India has taken the top spot on a list of top 12 spam-relaying countries. Ireland generates spam, as well, but it ranks in the No 43 spot on IT security and data protection firm Sophos’ latest Dirty Dozen report of spam-relaying countries for the third quarter of 2012.

The report revealed India has generated even more spam, up from 9.3pc of all spam captured in SophosLabs’ global network of spam traps in the previous quarter, to 16.1pc in the third quarter.

The top 12 spam-relaying countries for July to September 2012 are as follows:

1     India             16.1pc

2     Italy             9.4pc

3     USA               6.5pc

4     Saudi Arabia      5.1pc

5     Brazil            4.0pc

6     Turkey            3.8pc

7     France            3.7pc

8     South Korea       3.6pc

9     Vietnam           3.4pc

10    China             3.1pc

11    Germany           2.7pc

12    United Kingdom    2.1pc

The UK, which has remained out of the top 12 spam-relaying countries for the last four consecutive quarters (having last appeared in April-June 2011) makes a return to the list, in 12th place.

The US, which last topped the list in the same period a year ago, has risen one place since last quarter and now relays one in 15 of all spam emails. 

Saudi Arabia is the top new entry this quarter, at No 4, relaying 5.1pc of spam for the period. This is likely caused by the Festi botnet that infected many computers in the country in August and then used the computers to swamp the rest of the world with large quantities of spam.

Other new entries since last quarter are Turkey and Germany, while Pakistan, Russia, Poland and Thailand have all dropped out of the list.

Why is India tops for spam?

As noted in Sophos’s April-June 2012 Dirty Dozen report, India is home to 5.3pc of the world’s internet users, making it the third most-connected country in the world after China and the USA. 

However, given that only 10.2pc of India’s population are internet users, the current lack of IT security measures taken to protect computers in the region will likely lead to further problems as more of India’s citizens get online. 

“Spam emails arrive in your inbox via other people’s infected computers,” said Graham Cluley, senior technology consultant at Sophos.

“The latest Dirty Dozen report suggests that a not insignificant number of PCs in India are harbouring malware infections that turn PCs into spam-spitting zombie slaves, controlled by the cyber-criminals who make money by punting junk emails to promote questionable goods, or simply use malicious spam to infect more computers. 

“The authorities in India need to make IT security education a priority. One would be safe to assume that, if computer users in the country are being targeted in order to relay spam, they are likely victims of other online threats, such as fraud.”

Sophos recommends that organisations and ISPs implement technology and follow best practice to ensure malicious emails are not reaching inboxes.

Tina Costanza was a journalist and sub-editor at Silicon Republic