USA No 1 … when it comes to spam, that is
By Digital News Asia July 22, 2013
- Three new countries enter Sophos’ ‘Dirty Dozen’ list of spam-relaying countries
- When adjusted for population volume, Luxembourg and Singapore make their mark
SECURITY company Sophos has published the latest ‘Dirty Dozen’ of spam-relaying countries, covering the second quarter of 2013, which saw the United States retaining the top spot.
Belarus made a significant jump into second place; three new countries entered the top 12 (Ukraine, Kazakhstan and Argentina) and three other countries cleared their reputations (France, Peru and South Korea).
With more than a billion people and an increasing demand for Internet access in both countries, it’s no surprise to see China and India in the Dirty Dozen, Sophos said in a statement.
And with more than 300 million people and the lion's share of the world's Internet connectivity, it’s also no shock that the United States leads outright, the company added.
However, when spam scores are scaled up or down in proportion to each country's population, half of the volume-based countries are gone, and others that would usually fly under the radar when measured on spamming volume alone, like Luxembourg and Singapore, suddenly burst onto the scene.
This doesn't mean that Singapore is replete with spam-related cyber-criminality, Sophos said.
Although the Dirty Dozen denotes the extent to which a country's computers are used for delivering spam, it doesn't identify where the spammers themselves are located.
That's because most spam is sent indirectly these days, especially if it is overtly malevolent, such as:
- Phishing emails: These try to lure you into entering passwords into mock-ups of a real site such as your bank or your webmail account.
- Malware links: These urge you to click links that put you directly in harm's way by taking your browser to hacked websites.
- Malware deliveries: These use false pretences, such as fake invoices, to trick you into opening infected attachments.
- Identity theft: These invite you to reply with personally identifiable information, often by claiming to offer work from home opportunities.
- Investment scams: These talk up investment plans that are at best unregulated and at worst completely fraudulent.
- Advance fee fraud: These promise wealth or romance, but there are all sorts of fees, bribes and payments to hand over first.
“Remember that the Dirty Dozen doesn’t tell us from where the spam originates,” said Paul Ducklin, Sophos security evangelist.
“It tells us how spam gets relayed from the crooks to their potential victims. Even if you're the most law-abiding citizen of the most law-abiding country in the world, you might be helping to project your own country into the Dirty Dozen if you don't take security seriously on your own computer.
“It may sound corny, but security really does begin at home,” he said.
A few simple precautions can help enormously, according to Ducklin. These include “timely security patching, an up-to-date antivirus and a healthy scepticism about unwanted attachments and ‘too good to be true’ offers.
“By taking these steps, you’ll not only protect yourself, but also help to protect everyone else at the same time,” Ducklin said.
The top 12 spam-relaying countries by volume for April to June 2013
The top 12 spam-relaying countries by population for April to June 2013:
Additional information about the latest Dirty Dozen report can be found at Sophos' Naked Security site.