Forgot your password?
typodupeerror
Security Spam United States IT

The US Continues Its Reign As King of Spam 118

Posted by samzenpus
from the winning-isn't-everything dept.
An anonymous reader writes "The United States continues its reign as the king of spam, relaying more than 13% of global spam, accounting for hundreds of millions of junk messages every day, according to a report by Sophos. However, most dramatically, China – often blamed for cybercrime by other countries – has disappeared from the 'dirty dozen,' coming in at 15th place with responsibility for relaying just 1.9% of the world's spam."
This discussion has been archived. No new comments can be posted.

The US Continues Its Reign As King of Spam

Comments Filter:
  • by MichaelSmith (789609) on Wednesday April 28, 2010 @10:37PM (#32025694) Homepage Journal

    I see about a 40% variation in spam during the week. The minimum seems to be Monday morning for me, which is Sunday night in the US. I definitely get the impression that it drops off when work computers are shut down for the weekend.

    • by jamesh (87723) on Thursday April 29, 2010 @01:08AM (#32026612)

      Me too. I recently got an email with a subject "JAMES URGENT HELP REQUIRED FIRST THING TOMORROW. SHIPMENT NO 40" and it was only because I thought "hmm... I don't normally get spam at this hour" that I read it to find that it was actually a legitimate email. An all caps subject with 'URGENT HELP REQUIRED' in it is almost always spam.

    • by buchner.johannes (1139593) on Thursday April 29, 2010 @01:42AM (#32026794) Homepage Journal

      Woman to husband: "Please turn off the light so I can sleep."
      World to USA: "Please turn off the computers on the weekend so we can get to work."

    • Re: (Score:3, Funny)

      by halowolf (692775)
      This story reminds me of older Slashdot discussions on using blacklists to stop spam and how entire countries should be blocked. I pointed out that they should start with the USA but they didn't really like that point of view, being American and all.
    • Re: (Score:2, Interesting)

      It depends at which kind of spam you're looking at. And in these days we should perhaps start to distinguish the different types.

      If talking about the "classic spam" aka email spam, then yes, I agree with your observation.

      However, (forum) comment spam in our case (Germany) stems mostly from IP address blocks allocated to Russia and former-USSR countries (Azerbaijan, Belarus, Latvia etc.) and China. I would guesstimate those two make up of 80% of the spam attempts. Very few comment spam attempts stem from IPs

  • by Anonymous Coward on Wednesday April 28, 2010 @10:39PM (#32025710)

    We're number one !!!!
    U.S.A. !!!

    • Is there a prize? Possibly an awards show? I want to see the acceptance speech
    • by grcumb (781340) on Wednesday April 28, 2010 @11:11PM (#32025938) Homepage Journal

      I sent 2 terabytes of mail today
      (Sold my soul right there)
      It's the same old thing as yesterday
      (Sold my soul right there)
      I'm a black hat burning out a thousand bots
      (Sold my soul right there)
      Filtering's futile and I won't get caught....

      chorus
      They have blocked all your torrents, you can't even ping
      They've been shaping your traffic into doughnut rings
      But still they can't stop me 'cause of what I am
      For now and forever I'm the King of Spa-am

      King of Spam
      I'll always be
      King of Spam....

      ...With apologies to the Police.

    • by Daniel Dvorkin (106857) * on Wednesday April 28, 2010 @11:23PM (#32026012) Homepage Journal

      I am Liz Cheney duaghter of recenly deposed USA vice President Dick Cheney and I am seking your assitsance with confidential transaction. As you may know my father during his time in office amassed a firtune of $135,000,000 (one hundered thirty five million USA dollars) and I now need your assistantse to move it out of country. As a bionus for your help on this Transaction I can offer you "magic blue pills" guaranteed made in USA to enlarge your penis to massive unheard of USA propportions and also 1000s of young marriagebale USA women seeking to meet you for life in new country. Please contact me at +001 212 867-5309 or conact USA embassy in your Country.

      • by Anonymous Coward on Wednesday April 28, 2010 @11:44PM (#32026138)

        As a bionus for your help on this Transaction I can offer you "magic blue pills" guaranteed made in USA to enlarge your penis to massive unheard of USA propportions

        I nearly fell for this, but a deal genuinely this good wouldn't have been offered to every reader. Generally, I only respond to offers with a fair amount of built-in exclusivity, such as when I happen to be the 1,000,000th visitor to a site.

      • by njen (859685)
        Dear Liz Cheney,

        Your plight strikes a sympathetic cord with me. If you are able to accommodate me these few points, I think I can help you out:
        1) I am only interested in women of "loose" morals.
        2) I want to give your father a head noogie.
        3) I am not fond of the taste of the colour blue. Please supply pills that taste like red.

        Regards,
        Concerned International Citizen
      • I rang this number but Jenny who answered told me that there was no one called Liz at that number. She did say that Tommy would be back in 2 hours and may know of a Liz.....
  • by beakerMeep (716990) on Wednesday April 28, 2010 @10:45PM (#32025766)
    Good spam filters like Gmail's and other have really hidden the problem from public view. People seem to much more freely post their email adresses in forums nowadays with little to no fear of it being harvested. Of course it does get harvested, but they dont care as they don't see it. I guess that's not such a bad thing though, but it's still a strain on the internet as a whole I would think. I wonder what the data size numbers look like rather than % of messages by country. Anyways, my point is just that I wonder if there will be little to no effort going forward from government types or PHB's who don't wanna spend the money for something that doesn't seem to be a problem.
    • by Kenja (541830) on Wednesday April 28, 2010 @10:50PM (#32025800)
      On a domain I've had since the 80's I get around 500-1000 spam messages a day. Google's (postini) spam filter catchs about 95% of them. 25-50 spam messages a day is still too many, and gods help me if I have to go in search of a message that got filtered unintentionally.
    • beakerMeep (716990)
      (email not shown publicly)

      You were saying?

    • by antdude (79039)

      Speaking of Google's forums, how does one hide/change his/her e-mail address like in Google Groups? For example, foo@bar.eduDELETETHISFIRST to e-mail.

    • Good filtering is probably doing a lot for the problem: The chances of any one spam finding eyes is about 1/100th what it used to be. That means a spammer has to send out a hundred times as many for a single sale or mark.
      • Re: (Score:2, Interesting)

        by maxume (22995)

        Hence the theory that most spammers make their money by selling spam services, not by selling whatever the spam is advertising.

        I guess a better way to phrase that is to say that the people paying to send the spam are the marks, not the people receiving the spam.

      • by Rogerborg (306625)
        Because they were voluntarily throttling themselves before now?
    • by thijsh (910751)
      That's good, it should not be a problem for the end user, it should be a problem for the ISPs and companies like Google. Let them fix it and let me post my email address so I can be contacted *and* read my mail without spam. Besides the ISPs have to most to gain from eradicating SPAM, and are the only parties with means to fix it.
    • Good spam filters like Gmail's and other have really hidden the problem from public view

      Except that the filters only end up increasing the cost of business. The filters take human time, CPU time, storage space, bandwidth, etc. Sure the end users see less spam in their inbox but at what cost?

      Someone has to pay for the added expenses. And filtering will never solve the problem of spam itself; it only escalates the arms race as spammers find more ways to overcome filtering. We need to work on the root cause of spam if we ever want to defeat it.

      Anyways, my point is just that I wonder if there will be little to no effort going forward from government types or PHB's who don't wanna spend the money for something that doesn't seem to be a problem.

      A lot of people don't realize or acknowledge

  • by tlambert (566799) on Wednesday April 28, 2010 @10:48PM (#32025784)

    The real question is, relaying it FROM where?

    Sure, the U.S. has a lot of mail servers online compared to other countries. That stands to reason, given that the Internet was invented here, SMTP was invented here, email was invented here. Usenet was invented here. AOL was invented here. And SPAM was invented when AOL connected to Usenet.

    Where is the SPAM originating? Is it originating from the U.S. as well? Most of the SPAM I see is Russian or Chinese in origin, with a small fraction of it actually coming from the U.S. itself. I get more SPAM that originates from Nigerian scammers, in fact, than I do from U.S. hosts. Most of the viagra and pharmaceutical SPAM I get is from Europe or from India, where it's legal to sell the drugs in question without a prescription and ship them internationally.

    This article seems to be about blaming the relays, rather than the origin of the SPAM in the first place, and the U.S. is getting caught out because it has more mail servers, or more Windows machines on the net, and these are being exploited to relay the SPAM, rather than SPAM being a predominantly U.S. problem.

    P.S.: I'm not arguing against blacklisting open relays; I still think that's part of the answer

    -- Terry

    • by DNS-and-BIND (461968) on Wednesday April 28, 2010 @11:08PM (#32025914) Homepage
      Hi, Terry. Nobody runs open relays any more. The spam comes from zombie windows boxes. Spam wasn't invented when AOL connected to USENET, it was popularized when Cantor and Siegel unleashed the green card spam. For an old-timer, you're remarkably poorly informed.
      • by yuna49 (905461) on Thursday April 29, 2010 @12:05AM (#32026270)

        I'm an "old-timer" in a variety of meanings despite my ID, and I know about Cantor and Siegel. Nevertheless, Terry asks the right question and points out how uninformative this article is.

        The article reports that 13% of hosts "relaying spam" reside in the US. But what should we compare that 13% to? According to the figures in the CIA Factbook [cia.gov], some 57% of worldwide Internet hosts are located in the US. So I'd say the article's entire premise is flawed. If the conditional probability of a host spamming were equivalent world-wide then, using the Factbook's figures, US hosts should account for 57% of spam relays, not 13%.

        On top of that, relaying tells us nothing about how spamming works. Spam doesn't come from computers; it starts as some back-alley deal and spreads relentlessly across the globe. Those zombied machines with the ISO country-code domains we all see pummeling our servers aren't the source of the spam either. They're just drones that take their orders from masters far away.

        As Woodward and Bernstein were told, "follow the money." Looking at distributions of Internet hosts tells us nothing about the business of spamming or its effects.

        • Re: (Score:3, Interesting)

          by Njovich (553857)

          According to the figures in the CIA Factbook [cia.gov], some 57% of worldwide Internet hosts are located in the US.

          These numbers look completely bogus to me. How on earth is South Korea listed at 301,270 hosts in 2009? This number should be much higher. And this is just checking the best connected country on the planet. Many of the other Asian and European numbers seem to be low estimates too.

          Of course, it could be that they use some definition of 'internet host' that I wasn't previously aware of.

          • Re: (Score:3, Informative)

            by yuna49 (905461)

            I did a bit of digging, and all the data on host counts appear to be compiled from the ISC Domain Survey [isc.org]. According to the summary on that page, "The Domain Survey attempts to discover every host on the Internet by doing a complete search of the allocated address space and following links to domain names." This would seem to exclude hosts without reverse-DNS records, but I'd need to read the complete study methodology before I could comment intelligently.

            I also looked to see if there were easily-available

        • Re: (Score:3, Informative)

          by Kumiorava (95318)

          CIA Factbook: 383 million (2009); note - the US Internet total host count includes the following top level domain host addresses: .us, .com, .edu, .gov, .mil, .net, and .org

          To be clear .com ending in domain name doesn't translate into US based server or computer. Additionally any other ending in domain name doesn't mean that the server or computer is not located in US. The article is very light on actual technical detail so I wouldn't be able to know how that 13% figure came from, but I wouldn't jump into c

      • by timmarhy (659436)
        the thing is, there are still 100000's of open relay's out there, plenty of them unsecured linux boxes run by amatures.
        • by 1s44c (552956)

          the thing is, there are still 100000's of open relay's out there, plenty of them unsecured linux boxes run by amatures.

          It's a problem but it's nowhere near the scale of the problem posed by millions of windows bots on domestic broadband.

          Anyone who sets up a mail server as an open relay sooner or later ends up blacklisted and can't send mail at all.

        • OK, which distro comes with open relays configured out of the box? I'm curious to know.
      • The "green card SPAM" is only the most famous early SPAM; if you want to be truly technical, Jordan Hubbard sent the first SPAM via a broadcast message to his /etc/hosts file on the very early net, though he wasn't advertising anything.

        You can ask Jordan about this, he rather likes being the first 8-).

        -- Terry

      • Rude slashdotters like you are the reason I don't comment here any more. Go be passive aggressive elsewhere.
      • by Monoman (8745)

        Businesses should only allow outbound SMTP for designated mail servers. We have all outbound SMTP routed through the same anti-spam/anti-virus service that scans our incoming email. We are alerted pretty quickly if an internal client is sending spam out through our system. Typically we have found the users get phished and then the spammers use their creds via a webmail client.

        ISPs should only allow it from customers by request.

    • I'm fairly certain that the Nigerian scams aren't actually coming FROM Nigeria...
    • by muphin (842524)
      Hey Terry, shouldn't you be in jail for Denial of Service [slashdot.org]
      it doesnt matter where the spam comes from, its a business, it matters where it is sent from, shut down that and you've stopped it. Spam will always be around its just a matter of advancing technology to filter it, notice i didnt say stop it because like porn, its impossible to stop it all, its always evolving and advancing.
      the poor internet is getting old and having a hard time dealing with spam, but its coping, i remember a while ago they said th
    • Re: (Score:3, Insightful)

      Spam was the logical outcome of low sending cost and extremely few consequences. The niche exploited by people like Canter&Siegel, and by AOL's incessant spamming, has its origins in junk mail advertising, and before that in the wars for public billboard space in the cities of Europe, and doubtless had counterparts in ancient Rome and Athens and Jerusalem. and Babylon. In fact, the Tower of Babylon is a good metaphor for what happens now with spam flooding desirable traffic.

      The problem isn't a technica

  • by shadowbearer (554144) on Wednesday April 28, 2010 @10:53PM (#32025824) Homepage Journal

        Not saying they are wrong, but I suspect a more accurate measure of the problem would require many more sources of data.

      Since they rely on statistics generated from their products (not mentioned in TFA but I can't imagine where else they got their data from), there is an automatic bias introduced there.

    SB

  • Not hard to fix... (Score:4, Insightful)

    by Anonymous Coward on Wednesday April 28, 2010 @11:13PM (#32025948)

    I know two ways that most of this spam can be reduced so the US doesn't remain #1 here, but it takes a clued system administrator to do so.

    #1: Block outgoing port 25 at the routers other than for the ISP's official mail server, and for clients who have signed a form taking full responsibility for their mail servers, and that any spam originating from them will come back onto their heads, not the ISP's.

    #2: Sane mass mail rules on the mail server. Of course, this doesn't apply to mailing lists, but in general, an average Joe won't be sending thousands of MAIL TOs, nor sending out a 10,000 person bcc mail.

    I don't think the problem is ISPs with open relays like which was the issue in years past, but private companies who have PHBs running the place that have no interest in spending for even the basics in security. I personally have encountered a lot of SMB owners who have told me, "Security has no ROI, so I am not interested in wasting my money on it" when presented with a proposal for even just the basics of network security such as outgoing spam filters on the company's Exchange server. They believe that they can call Geek Squad (or some random computer consulting firm that has the most TV ads) to fix anything if they find a problem. Of course, this means that when (not if) the business gets compromised, spambots can end up on numerous machines, and remain there indefinitely until the Windows Malicious Software Removal tool gets run on a patch day (assuming they even bother turning on Windows Update/Microsoft Update), company data gets destroyed, their ISP cuts their access off for TOS violations, or they find their IP range in a blackhole list and all their E-mail bounces.

  • by Tackhead (54550) on Wednesday April 28, 2010 @11:28PM (#32026046)
    There's a sale on quack medical drugs today.
    It's all all 30% off from yesterday.
    There's laetrile, nona juice, and ephedrine for speed.
    Just a Visa or Paypal creds are all you need.

    My partner's in jail, my staff is on the lam.
    We've got botnets with petabytes of hijacked RAM.
    And our ISP doesn't give a tinker's dam,
    'Cause of our reputation as the King of spam.

    Don't miss out on our giant online porno sale.
    (Is my scam out there?)
    We told Grandma she opted in for our e-mail.
    (Is my scam out there?)
    We got lawyers to help preserve our corporate veil.
    (Is my scam out there?)
    We got bullshit and horseshit, we've got tons of fail.
    (Is my scam out there?)

    No doctor will want a medical exam,
    Our chiropractor's part of the insurance scam,
    Get some herbal viagra and become a man,
    'Cos we're known in this world as the King of Spam.

    If you're hawking Chinese knockoffs of Nike shoes, (Is your scam out there?)
    Some 419 scams, offers they can't refuse, (Is your scam out there?)
    With their credit card's keylogged, they can sing the blues, (Is your scam out there?)
    We do fraud, we do larc'ny, anything you choose. (Is your scam out there?)

    Well, AOL shut down Spamford with a slam,
    Alan Ralsky got nailed bigtime by from Uncle Sam,
    But the flood's even bigger than the Hoover Dam,
    'Cause we're known the world over as the King of spam.

    King of spam.
    King of spam.
    King of spam.
    We'll always be King of spam.
    We'll always be King of spam...

    - With apologies to Weird Al Yankovic, and of course, The Police :)

    • And I thought I was the only one who heard that tune in his head after reading the title!

      I'm even seeing Sting walking around with his 1983 razor stubble and white clothes.

      He's got the stubble back but now at his age, he looks more like a lobster boat captain than a cool looking rock star.

  • by Opportunist (166417) on Wednesday April 28, 2010 @11:37PM (#32026094)

    It's not that the king spammers are in the US, it's that the US has the most machines permanently connected to the internet and infected by spambots. The whole statistics is a bit skewed because spam is one of those crimes where the one executing it is not necessarily also the one wanting to do it.

    Just because the machine sending the spam is in the US doesn't mean the one wanting to send the spam is.

  • by jht (5006) on Wednesday April 28, 2010 @11:44PM (#32026144) Homepage Journal

    Not a shocker. According to an antivirus company, most spam comes from a place where people use Windows and are clueless about preventing infections. The zombie Windows machines are a big part of the problem, but the command & control systems seem to mainly be overseas. As are a lot of the products/scams being pitched.

    What this says is that in the US users need to do a better job of securing their computers. And all around the world spammers need to be killed.

    • Re: (Score:3, Interesting)

      by Opportunist (166417)

      Last I checked the controlling stations are mostly in Turkey, Malaysia and Ukraine. I'm not entirly sure why, but I guess it's easier to keep control servers online in countries where the police has better things to do than to hunt down criminals that don't affect the local economy... or at least not in a harmful way.

    • I think its a false assumption to assume the Chinese are much more skilled in keeping their computers clean.

      These statistics only account for total spam, but not the spam per computer ratio. You might find very different results if this is accounted for.

    • The zombie Windows machines are a big part of the problem, but the command & control systems seem to mainly be overseas. As are a lot of the products/scams being pitched.

      I don't see the logic in your argument. The US has zombie consumers too. Most of our products come from overseas (because of the impact of the dollar and the lack of laws those countries have). That doesn't mean the command & control Corporate structure isn't in the US.

  • USA #1 (Score:5, Insightful)

    by antdude (79039) on Thursday April 29, 2010 @01:15AM (#32026652) Homepage Journal

    We're #1, we're #1. YEAH! Go USA! :D

  • This is a surprise to me. That so much of the Spam is initiated here is disconcerting, because we should be able to do something about it. More needs to be done to tie the money stream to the spamming. If it is a particular affiliate stream then the pressure needs to be brought down on them to tighten things up or face consequences. Ultimately the problem with spam will only go away when people stop illogically being enticed into doing things because of it. Unfortunately spammers need such a small retu
    • by ScentCone (795499)
      honestly would have thought at this point almost all spam originated outside the US

      It does. You're confusing the origination of the spam with the infected machines used to relay it.
  • . . . is another man's ham. Both are dead pigs.
    • by 1s44c (552956)

      . . . is another man's ham. Both are dead pigs.

      Ham is dead pigs. Spam is a mix of 90% cheap stuff with 10% dead pigs. Spam is all filler and no content.

      • Re: (Score:1, Insightful)

        by Anonymous Coward

        Ham is dead pigs. Spam is a mix of 90% cheap stuff with 10% dead pigs. Spam is all filler and no content.

        I think the generally accepted story of unsolicited bulk email being called "spam" has to do with a Monty Python sketch involving Spam. And I'm not citing a reference to this, as it really doesn't matter if the story is apocryphal or not. Spam is mostly dead pigs. And you do realize that a great quantity of material in dead pigs is "cheap stuff?".
        It is more like 90% dead pigs and 100% cheap stuff... and if you can't figure out why this does not add up to 190%... well, logic is apparently not for you.

  • Spam drops to a trickle on US national holidays like thanksgiving.

    Fscking Yanks...

  • Excuse me, but shouldn't that be Kingdom of Spam?

    Nations shouldn't be treated as a person; they aren't corporations (yet).

  • The first impression I had when reading this post was:
    "The United Kingdom continues its reign in SPAM"
    Had it happened to someone else or am I becoming crazy?

The meat is rotten, but the booze is holding out. Computer translation of "The spirit is willing, but the flesh is weak."

Working...