United States Top Culprit As Spam Becomes More Malicious

IT security and data protection firm Sophos has published the latest ‘Dirty Dozen’ of spam-relaying countries, covering the fourth quarter of 2010. The United States increased its lead at the top spot, and continues to be responsible for nearly one in five junk e-mails -- 18.83 percent of all spam messages.

The U.S.’s domination of the list underlines the continuing problem of computers being compromised by hackers in the country, allowing them to be remotely controlled for criminal purposes without the owners’ knowledge.

The UK decreased its percentage of total spam output compared to the third quarter last year -- from 5 percent to 4.54 percent -- however, it remains in fifth place overall.

Sophos notes that, while the same countries continue to dominate in terms of spam output, the nature of the spam being distributed is becoming more malicious. Traditional subject matter such as advertisements for pharmaceuticals continue to be a concern, with some 36 million Americans reported to purchase drugs from unlicensed online sellers -- but more and more messages are spreading malware and are attempting to phish user names, passwords and personal information.

The Top 12 Spam-relaying Countries, October to December 2010:

  1.  Unites States                    18.83 percent
  2.  India                                    6.88 percent
  3.  Brazil                                   5.04 percent
  4.  Russia                                4.64 percent
  5.  UK                                        4.54 percent
  6.  France                                 3.45 percent
  7. Italy                                        3.17 percent
  8. South Korea                        3.01 percent
  9. Germany                              2.99 percent
  10. Vietnam                                2.79 percent
  11. Romania                              2.25 percent
  12. Spain                                    2.24 percent
     
    Other                                    40.17 percent

Sophos warns that there has also been an increase in more focused, targeted email attacks, known as “spearphishing.” In addition to this, Sophos is continuing to receive an increased number of reports of malicious apps, compromised profiles and unwanted messages spreading across social networks such as Facebook and Twitter.

“Spam is certainly here to stay, however, the motivations and the methods are continuing to change in order to reap the greatest rewards for the spammers,” said Graham Cluley, senior technology consultant at Sophos. “What’s becoming even more prevalent is the mailing of links to poisoned webpages – victims are tricked into clicking a link in an email, and then led to a site that attacks their computer with exploits or attempts to implant fake anti-virus software.”

For Q4 2010, Europe decreased its overall percentage of relayed spam messages compared to Q3 2010.

Top Spam-relaying Continents, October to December 2010:

  1. Europe                        32.11 percent
  2. Asia                             31.89 percent
  3. North America           22.38 percent
  4. South America          10.25 percent
  5. Africa                             2.12 percent

“Regardless of what methods spammers use, Internet users should never be tempted to open a spam message out of curiosity, or click on an unknown link, just because it appears on a Facebook friend’s profile,” Cluley said. “Internet users need to become aware of these new approaches to cybercrime as the spamming techniques become more and more sophisticated. As long as spammers continue to make money from these schemes, Internet users can be sure that they’ll continue to receive unsolicited e-mails and social networking scams. To combat this, it’s essential that computer users remain wary of clicking on unknown links, regardless of whether they appear to be on a trusted contact’s social networking page.”

Sophos recommends that companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against spam and viruses. Home users are advised to defend their computers with virus protection, to prevent becoming part of a botnet used for the purposes of sending spam.

Further information about the latest Dirty Dozen report can be found on Sophos’s Naked Security site at: http://nakedsecurity.sophos.com/2011/01/11/report-reveals-the-dirty-dozen-top-spam-relaying-countries/.

 

Featured

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

  • Report: Nearly 1 in 5 Healthcare Leaders Say Cyberattacks Have Impacted Patient Care

    Omega Systems, a provider of managed IT and security services, today released new research that reveals the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety. According to the 2025 Healthcare IT Landscape Report, 19% of healthcare leaders say a cyberattack has already disrupted patient care, and more than half (52%) believe a fatal cyber-related incident is inevitable within the next five years. Read Now

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.