American Zombies Blamed for Bulk of Spam
Sophos attributed the U.S.'s ranking to the prevalence of high-capacity broadband Internet connections there. Small offices and home users with such connections are attractive targets that increasingly have been hijacked and put to work by spammers, often without users being aware.
Security firm Sophos once again has named the U.S. as the biggest spam-producing nation in the world in a recent report. Sophos also highlighted the growing problem of compromised computers, or "zombies," as conduits for the unwanted e-mail.
Sophos put the U.S. atop the latest "Dirty Dozen" list, crediting America with more than 42 percent of all the world's spam in 2004. Other top offenders were South Korea (13 percent) and China (8.5 percent).
Sophos attributed the U.S.'s ranking to the prevalence of high-capacity broadband Internet connections there. Small offices and home users with such connections are attractive targets that increasingly have been hijacked and put to work by spammers, often without users being aware, Sophos said.
"Many spammers have taken their money-making schemes to the extreme by hacking into innocent, third-party computers in an effort to do their dirty work," said Graham Cluley, Sophos senior technology consultant, in a statement. "Many home users' computers are sending out spam because they have had their broadband connections exploited by remote hackers."
The most recent Sophos finding falls in line with previous studies. The U.S. accounted for 42.53 percent of the world's spam in August and for 56.74 percent in February 2004, Sophos reported.
Broadband connections -- prevalent in South Korea as well as in the U.S. -- are attractive to spammers looking to send mass e-mail while covering their tracks, according to Marc Borbas, Sophos product manager for gateway security.
Borbas also told TechNewsWorld that it is easier to use a compromised broadband connection to send spam because the user is much less likely to notice the impact on PC performance.
Sophos also blamed ineffective anti-spam laws in the U.S. Cluley said the Can-Spam legislation of this year had done little to slow spam.
Jonathan Spira, chief analyst at Basex -- a firm that blamed spam for US$20 billion in losses worldwide last year -- said the increasing issue of zombie machines showed that most people do not practice safe computing, such as using firewalls and antivirus software.
Spira told TechNewsWorld the U.S. is responsible for the large percentage of spam mainly because it has more online users and commerce.
"It's a question of access to computers, cheap computing resources and many societal reasons," Spira said.
The analyst added that while enterprises can and do take steps that are effective in blocking or at least minimizing spam -- mainly gateway filtering -- small businesses and home users often do not have the resources to do this.
In addition, while larger Internet service providers (ISPs) have made anti-spam measures standard offerings for consumers, most smaller ISPs are in the same position as consumers, according to Spira.
"Smaller ISPs can't necessarily afford the latest technology," he said. "They really need to do this and they can't."