NEWS: Sophos maps the world of Spam
Unsurprisingly, the USA is the world’s worst offender for relaying spam (13.1%). Surprisingly, bad boy China is now good boy China, having dropped out of the top ten (1.9%). (I find this a little worrying since our esteemed leaders, the Entertainment Industry, will look to China as the model for how to clean up the internet.)
The United Kingdom (3.1%) occupies its historical position trying to separate France (3.0%) and Germany (3.2%) from either fighting each other or sleeping together. Like the old-fashioned Victorian prude, we don’t like either; but if spam sold testosterone rather than Viagra they’d probably go back to fighting.
The bit that continually surprises me is how high the USA always rates in these studies. As Graham Cluley comments, “virtually all spam comes from malware infected computers (called bots, or zombies) that are controlled by ‘botherder’ cybercriminals.” If this is so, then the only conclusion I can draw is that the most technologically advanced country in the world is home to a vast population of technologically illiterate users. And that doesn’t quite ring true to me.
Computer users can unwittingly allow their PCs to become part of a botnet in a number of ways, including clicking on malicious links that are frequently contained within the spam messages that the botnets are used to distribute. The only way for users and administrators to reduce the risk of being compromised is to run anti-spam and anti-malware protection and ensure all software and hardware is up to date with security patches.
That will, of course, help; but it is not the solution. Neither of those will protect against zero-day threats; and zero-day threats appear to be more common than we are led to believe. The only real solution is not to get infected in the first case. And that won’t happen either. But Cluley does make an interesting point: spam is like the gutter press: it only exists because there is a market for it.
Furthermore, we all shouldn’t forget that if no-one bought products sold via spam there would be a lot less incentive to send junk email. Computer users should not just protect their computers from threats like malware and spam, they should also pledge to never ever buy anything advertised via spam.