Spam Explodes in First Half of 2009

By Matthew Harwood

Spam has once again reached the same volume it did in November 2008, when the servers of a major spamming company were disconnected, according to e-mail and Web security firm Marshal8e6.

"The McColo event was a welcome, but temporary respite from the spam deluge," reports Marshal8e6's July TRACE Report on e-mail and Web security trends.

In November 2008, the servers of the San Diego-based McColo Corp., a Web-hosting company, were disconnected. Immediately afterwards, security analysts saw spam reductions ranging from 40 to 66 percent.

Nevertheless, the deluge has returned, and cybercriminals are savvier than ever, Marshal8e6 reports.

In the wake of the McColo shutdown, it seems that those responsible for the key spamming botnets have evolved much more sophisticated location and recovery mechanisms to counter any sudden loss of their control servers. These measures include the use of domain name and random domain generation rather than hardcoded IP addresses and appear to have been successful for the spammers.

During the first half of 2009, Marshal8e6 has seen a 60 percent increase in spam, a return to pre-McColo spam levels. According to the firm's estimates, spam accounts for 150 billion messages a day, or 90 percent of all inbound e-mails.

Seventy-five percent of that spam comes from the same five usual suspects, according to Marshal8e6. But the most notorious spammer of the quintet is the Rustock botnet, producing 40 percent of all spam caught in the firm's spam traps by the end of June.

The report says the Rustock botnet is a lean, mean, spamming machine, which can send 25,000 e-mails from a standard desktop computer. The botnet's spam of choice: personal male enhancement and other pharmaceutical products.

Yet while spam has returned to its mid-2008 levels, the percentage of spam described as malicious has dropped precipitously. Between August and September 2008, more than 35 percent of spam was considered malicious. Since the McColo takedown in November 2008, malicious spam levels have never even hit 5 percent of all spam sent. June of this year saw malicious spam's highest spike since the McColo disconnect: 3 percent of all inbound spam.













♦ Photo of G-Mail spam inbox by no/Flickr

♦ Photo of Viagra Spam by mightymightymatze/Flickr

♦ Graphs courtesy of Marshal8e6

