Twice a year, Symantec produces the Internet Security Threat Report,a comprehensive report outlining the major trends in Internet securityover the previous six-month period. One security concern that is ofinterest to many people is the growth of spam and spam-related issues.Symantec monitors the source and volume of spam from around the worldand uses this information to discuss the major trends in thespam-related landscape.
One trend that has been relatively steady is the largest country oforigin for spam messages. In the second half of 2006, around nine outof 20 spam messages were sent from the United States. This highlightsthat although some other countries are gaining notoriety for being spamhavens, the United States is still the number one spam distributor inthe world. In fact, spam from the United States outnumbers spam fromthe second closest country, China, at a rate of seven to one. Soalthough countries like China, Russia, and Brazil are touted as beingthe origin of the new wave of spam, they have a long way to go to catchup to the spam juggernaut that is the United States.
This is not to say that the spammers themselves are American. Thepurveyors of illicit pharmaceuticals, gurus of pink sheet penny stocks,and so-called representatives of “your bank” may very well be fromChina, Russia, Brazil, and other countries, but the spam itself is sentmostly through American computers. This has much to do with the wayspam is distributed throughout the Internet. Spammers use computersinfected with Trojans and other malicious code as surrogates to sendout their bulk emails. This is so that when a spam email is received,it can not be easily traced back to the original sender.
The malicious emailing programs installed on computers around theworld can be used to send emails directly from the computer, to sendemails through the ISP of the computer’s owner, or used to bounce anemail along to another compromised computer. When a computer is used tosend a spam email directly, it is detected by Symantec as a spam zombie.
In the most recent Internet Security Threat Report,Symantec has kept track of and compiled a list of the top countrieswhere these spam zombies were detected. Not surprisingly, the UnitedStates topped this list as well, although with only a slight lead overother countries. Compared to the much larger proportion of spamreceived from the United States, this can mean one of two things: spamzombies in the United States are being used to send exceptionally largevolumes of spam compared to spam zombies in other countries, or thatmore spam from the United States is sent through ISPs and other sourcesthan directly from spam zombies in the United States. Since many of thecountries with many spam zombies have high broadband penetration(Germany and France, for instance), it is not likely that spammers areable to get a higher throughput of spam from American computers,especially since these countries are the source of much less spam thanthe United States. The most likely explanation is that spammers aremore likely to use ISPs or free email addresses in the United States tosend their spam.
As the spam landscape develops, Symantec is constantly tracking andanalyzing data so that everyone – from home users to networkadministrators to executives – can become aware of what the future ofthe Internet will bring. For more information, download a copy of thelatest Symantec's
Internet Security Threat Report.