US Still the Ruling Land of Spam

Although stiffer jail sentences and legislation have cut into the United States' share of junk e-mail spam sent in the past year, the land of the free is still the number one spam sender in the world, accounting for more than a quarter of the unsolicited nuisance, according to a report issued by software security firm Sophos yesterday.

The United States and Canada both dropped significantly in their total output, as did other nations including Japan. However, some nations -- South Korea, China, France and others -- also rose on the "top 12" list, which included one new entrant: Pakistan.

Sophos senior technology consultant Graham Cluley told TechNewsWorld that the U.S. gains against spam were due in part to law enforcement, legislation, and technology, but were largely brought by people fed up with spam.

"People are cleaning up their act and fighting back against spam," he said, also referring to tougher action and cooperation by Internet service providers (ISPs).

Sentences and Security

Although the United States, South Korea and China still account for more than half of all spam in the world, according to Sophos, the U.S. and Canada have effectively reduced their contributions.

The United States was blamed for more than 41 percent of all spam in the same period last year. This year, it dropped to 26 percent, while Canada cut into its share of spam sending that dropped from 7 percent in 2004 to 2.5 percent this year, according to spam received by Sohpos' global network.

Sophos reported that stiffer criminal statutes and sentences had helped cut down the United States' spam share, as did better system security.

"The worry now is that devious spammers will turn to other net-based money-making schemes, such as spyware and identity theft malware, to make their dirty money," Cluley said.

Zombie Factor

Sophos also reported on the continued exploitation of innocent users' machines, also known as zombies, which are silently compromised and then used heavily to relay spam, send spam or engage in other illicit behavior.

The security firm said that more than 60 percent of all spam is now generated by these zombie computers, which allow offenders to conduct their spamming from a different region or country where the computer is.

"What the chart reveals is that spammers and virus writers can exploit unprotected computers anywhere in the world to send out their unwanted messages," Cluley said.

According to Sophos' latest list, the United States tops the list of the five worst spam offenders, followed by South Korea, China, France and Brazil.

US and the World

Although Sophos also credited the U.S. CAN-SPAM Act for helping decrease the total amount of spam sent in the country, Grey Consulting principal analyst Maurene Caplan-Grey called that "baloney," telling TechNewsWorld that the use of zombie computers has allowed U.S. spammers to geographically cover their tracks for some time.

"That just becomes a more effective way of sending spam, a cheaper way," Grey said of zombies. "I still believe that most of the spam starts in the U.S. It didn't go through a U.S. ISP. They don't send it from a datacenter in the other room. They send it to someone outside the U.S., who is sending it globally, and back to the U.S. as well."

Grey indicated that, along with technical improvements in the ability to send spam from servers or compromised machines, there has been an "automation of business process" and the addition of multiple languages feeding the worldwide spam market.

"It doesn't surprise me to see more countries on this list," she said, referring to Spain and Brazil. "I predict there will be more countries added to this."