United States tops the chart of spam senders

1 Mar 2004

To no one’s surprise, the US tops the list of countries responsible for sending unsolicited email or spam. The security software provider Sophos has compiled a chart of offenders – its so-called dirty dozen – and it found the US was responsible for more spam than the other 11 countries put together.

The top performers, so to speak, are the US (56.74pc), followed by Canada (6.8pc), China (6.24pc), South Korea (5.77pc), Holland (2.13pc), Brazil (2pc), Germany (1.83pc), France (1.5pc), the UK (1.31pc), Australia (1.21pc), Mexico (1.19pc) and Spain (1.05pc). Others accounted for 12.3pc of the list.

Researchers at Sophos created the list from scanning hundreds of thousands of emails over two days. The messages were gathered using several measuring systems including honeypots – deliberately unsecured, anonymous computers connected to the internet for the purposes of measuring and analysing malicious activity.

With a figure of 56.74pc, the US was the clear leader although in mitigation, it appears that much of the spam that appears to come from within the country may actually have its origins elsewhere. Messages may also have been sent without the user’s knowledge, Sophos’ research indicated.

“Our intelligence suggests that a large amount of spam originates in Russia, even though it appears at only number 28 in the chart. Hackers appear to be breaking into computers in other countries and sending out spam via ‘infected’ PCs,” said Graham Cluley, senior technology consultant at Sophos. “Some Trojan horses and worms allow spammers to take over third-party computers belonging to innocent parties, and use them for sending spam. More than 30pc of the world’s spam is sent from these compromised computers, underlining the need for a co-ordinated approach to spam and viruses.”

Cluley also suggested that national laws would not be effective in guarding against the rising tide of junk email. “Spam is a global problem, and countries worldwide are starting to take the issue more seriously. However, legislation in the UK won’t protect users from spam coming from North America or China,” he pointed out.

Meanwhile Sophos has also suggested several useful tips for reducing unwanted emails. These include never making a purchase from an unsolicited message and never responding to any such mails or clicking on the links they contain, even if they are apparently for unsubscribing from a list. Turning off the preview function in an email application also disrupts some messages that can track when a mail lands and whether the recipient has a valid email address.

Some spammers harvest email addresses to add to their databases by searching in the ‘to’ field of messages; to counter this, Sophos recommends that senders of emails in large volumes should put all of their recipients’ names in the ‘BCC’ list to avoid detection.

Regular email users should also have at least one backup email address which should be used when responding to surveys or completing forms on a website. This advice of itself will not eliminate the spam problem, as Sophos admitted, but it should ensure that beleaguered users suffer from it slightly less.

By Gordon Smith