Sophos Reveals Latest Spam-Relaying Countries 181
An anonymous reader writes "For the first time in more than two years, the United States has failed to make inroads into its spam-relaying problem. The U.S. remains stuck at the top of the chart and is the source of 23.2 percent of the world's spam. Its closest rivals are China and South Korea, although both of these nations have managed to reduce their statistics since Q1 2006. The vast majority of this spam is relayed by 'zombies,' also known as botnet computers."
Why Divide By Country or Continent? (Score:5, Insightful)
Furthermore, these percentages don't appear to be normalized in any way. Does the United States contain more than 23% of the world's internet traffic? Probably. What about the sheer number of IPs assigned to citizens? Again, probably more than 23% of the world's total user population. Even if it isn't that high, it'd still show that countries like China are doing ok relative to the sheer number of users they have. I think this study only showed that spam is directly proportionate to internet usage. And nothing more.
Logically, you would divide by source or company or--better yet--ISP. I think the penalties should come from the companies that make money providing the internet service to the sources of the spam. Even if it's a bot or open relay for spam, the ISP should investigate it and shut it down. I honestly wouldn't be surprised to see Cox & Comcast show up on that list as they are so unbelievably careless.
I think laws against the internet service providers are in order to force this but it's difficult to track. That's why Sophos should publish names of internet service providers and drag them through the mud, I don't care about countries. And how about making the penalty for the ISP a bit tougher as in you get one warning about a particular user and then you're restricted from providing internet service?
In the end, you have to ask yourself--do we really want to make this a responsibility of all governments? I think the answer is 'no' considering that they can always just open up some operation in another nation and find an ISP dying for cash. Then you have to chase them there.
Re:Why Divide By Country or Continent? (Score:2, Interesting)
Once I saw some statistics that USA is the originator of most of the spam.
Re:Why Divide By Country or Continent? (Score:2, Funny)
Re:Why Divide By Country or Continent? (Score:3, Informative)
Hormel Foods sells SPAM not spam, and last time
I checked they were quite picky about spelling
Re:Why Divide By Country or Continent? (Score:2)
I'd like to see these statistics normalised to population.
Re:Why Divide By Country or Continent? (Score:4, Insightful)
How about by the OS of the zombies (Score:2, Interesting)
Re:How about by the OS of the zombies (Score:2)
And what exactly would this prove? If 95 out of every 100 computers on the planet run Windows, wouldn't you logically expect there to be more Windows 'bots than any other? This kind of breakdown would be no less silly than the current by-country ranking system, as the numbers it produces proves nothing more than huge portion of Internet users reside in America.
Now, if you wanted to show normalized numbers, such
Re:Why Divide By Country or Continent? (Score:4, Insightful)
You don't seem to have much evidence for your assertion that ISPs are reluctant to deal with bots. I know that both ISPs your mention have aggressive programs to battle spam that is generated or relayed by users. It is really a very tough problem to deal with.
How do you identify a bot infected computer? What do you do to a customer with a bot infected computer that he is probably not aware of? What preventative steps can you take that will not interfere with legitimate customer traffic?
While technical savvy folks can generally think of solutions to problems, they often neglect the issue of scalability... every solution has to work in an environment that may deal with a million emails a second! Customers get very irate when they are disconnected, sandboxed, and refused further service until they run (free) anti-virus software on their computer. Customer care organizations within an ISP are generally very resistant to any program that will involve turning off customer service or restricting it, because that causes tremendous expense for them in terms of customer calls. ("What does this web page mean? How do I get rid of it?") It is not just about engineering a solution but also deploying it holistically within a company that has issues other than technology.
Other solutions that make managing the problem easier are also very expensive and slow to implement across a customer base of millions. SMTP AUTH deployments are tremendously expensive in terms of customer care, customer education, and engineering efforts. Everything is complicated by scale and working within the confines of a business with other requirements apart from just technical ones.
ISPs spend millions on efforts to combat spam. The anti-spam industry is expected to hit $1.7 billion in revenues by 2008. If you have the answer to all these problems, start a company and sell it. You will be very successful.
Re:Why Divide By Country or Continent? (Score:4, Insightful)
In other news, drivers get very irate when they aren't allowed to drive their unsafe car on the road until it's been fixed. However, banning people with unsafe cars makes everyone else safer, so is a Good Thing. Same with infected computers. If a computer is actively attacking other systems then drop it's connection ASAP - this is good for two reasons:
1. It stops the infected system from doing any more damage to any other systems/people (this may be relaying spam, DDoSing someone, trying to infect other systems with a worm, running a phishing site, etc).
2. If someone loses their whole connection every time they get infected they might actually start giving a damn about their system's security.
that causes tremendous expense for them in terms of customer calls.
If all the ISPs started taking these measures then it would surely *reduce* the number of support calls since the number of infected systems would be reduced. Sure, there'll be a short term peak in the number of support calls but the long term picture is much better. Sadly, most businesses these days only seem to care about the short term bottom-line.
Re:Why Divide By Country or Continent? (Score:2)
Maybe grandparent doesn't, but I do. I work for an ISP, and my company is - unfortunately - extremely lazy when it comes to bots. As the resident security guru I'm working on changing that, but it's an uphill battle.
How do you identify a bot infected computer?
Traffic analysis, if you want to be sure. But there are other signs that are obvious, such as low but constant IRC traffic at all hours of day. In the cas
Re:Why Divide By Country or Continent? (Score:2)
Why continent (Score:2)
I know that at one point I had been messing around with my proxy settings and that allowed it to be abused as an open relay. Consequently, there were about 1-2 days where
Re:Why Divide By Country or Continent? (Score:3, Informative)
I normalized them (roughly). I found the number of Internet users per country at http://www.clickz.com/stats/sectors/geographics/ar ticle.php/5911_151151 [clickz.com] and then calculated what that was as a percentage of the world total.
On the left is the percentages of spam from the article; on the right is the percenta
Re:Why Divide By Country or Continent? (Score:2)
Re:Why Divide By Country or Continent? (Score:2)
Of course it's probably hopeless to expect journalists to figure out high end math such as divisions... It's not as if they went to high school or anything...
"SPCBC" Perhaps? (Score:2)
It would take some legal craftwork to do make this workable, but credit card issuers could help tackle the SPAM problem by creating special-purpose honeypot card numbers that could not be collected on. The up front documentation requirements would be severe on a "defraud the fraudsters" approach like this, lest the system become a social malady of its own. In fact, the sting would probably have to be executed by law enf
Re:Why Divide By Country or Continent? (Score:2)
I normalized them (roughly). I found the number of Internet users per country at http://www.clickz.com/stats/sectors/geographics/a r ticle.php/5911_151151 [clickz.com] and then calculated what that was as a percentage of the world total. I had a nice table made up, but tables aren't
On the S
SMTP senders vs. Reponse URLs vs. $$ (Score:2)
URLs for responses are another - for a while those were largely in China, but now zombies are starting to provide those services.
Following the money is really the fun part, but that one's hard, and of course that's easy for a spammer to obfuscate (e.g. open a small corporation in a tax-haven country to receive the loot, and launder the profits by buying t
Re:Why Divide By Country or Continent? (Score:2)
FYI - Cox blocks outbound port 25 which largely prevents bots on compromised machines. Culprits in my hosts.allow file: dsl-verizon.net, cable.mindspring.com, adsl.proxad.net and fbx.proax.net, us.xo.net, cable.rogers.net, t-dialin.net, btopenworld.com, t-ipconnect.de, adsl.tpnet.pl, res.rr.com, and
Re:Why Divide By Country or Continent? (Score:2)
"Follow the money"
This is a press release of an AV company. It's essentially advertisement and says "buy more of our stuff, you need it!".
Furthermore, these percentages don't appear to be normalized in any way
Correct. However, the numbers once again allow me to smile
Re:Why are ISPs so reluctant to deal with the bots (Score:3, Insightful)
Updated, it'd be "You can lead a user to clue, but you can't make him think."
As it applies here, the average user isn't going to understand (or want to understand) what benefit these free items will give him/her. They've never heard of a firewall or a rootkit. All they really care about is how much it costs.
Now if a service could show better profits through these steps (from reduced expenses, including bandwidth, support, e
Re:Why are ISPs so reluctant to deal with the bots (Score:2, Insightful)
Re:Why are ISPs so reluctant to deal with the bots (Score:4, Interesting)
Re:Why are ISPs so reluctant to deal with the bots (Score:2, Interesting)
And their computer will be clean and safe... right up until the baddies start handing out their own CDs.
Re:Why are ISPs so reluctant to deal with the bots (Score:2)
#1, don't give the spammers any ideas, and
#2 you'd be surprised how stupid some people are. Remember the "web accellerator" scam a few years ago? I bet if you put "Makes your computer 500% faster!!!!!!1" o
Re:Why Divide By Country or Continent? (Score:2, Insightful)
So why DO people pay extra for fairtrade products, then?
If that were the case Walmart would be broke.
Ah, I see. You merely don't know the difference between "nobody" and "not everybody". There are, in fact, a great number of people who choose their purchases based on morality. It just isn't everybody.
Note also that if everybody did start choosing their purchases based on morality, Walmart would not be broke. Walmart would merely
Re:Why Divide By Country or Continent? (Score:2)
I've read somewhere that most spammers were bipedal, mabe we could work with that...
Deep Throat Knows (Score:5, Insightful)
"Follow the money"
What's so hard here? The US has pushed for having banks and financial service companies to be more open with governments on who is doing what with transactions.
There's always the content, too. Just look in the emails and they have telephone numbers, web sites, the various means of seeing what these scumbags have to offer and how to contact them.
Educating the public is failing. Why? How many public service ads have you seen advising people how to protect themselves from being scammed, preventing identity theft, etc.? I've seen none. I see private ads OF the voice overs of the big dude with the girl's voice, where his identity has been stolen, I think it was for a paper shreader of all things.
Sophos must be with the terrorists as they are not proclaiming victory in the war on terror. Enough has been made of the suspicion (has anything been proved?) that terrorists raise funds this way. I wouldn't put it past them, but I also wouldn't put it past some russian teenagers with limited career potential in Putin's New And Improved USSR.
Re:Deep Throat Knows (Score:2)
No they don't, not anymore,
and t
Re:Deep Throat Knows (Score:2)
and that's been my personal experience in the inbox as well; I haven't gotten a farmapseudical spam in months! Now there is no money to follow, half of my spam is giffed pump-and-dump stock scamms and the other half is gibberish.
Amazing how their 15% translates into 50% for you. While you were typing that up, didn't a little voice in the back of your mind tap gently at your conscience and suggest the there's a bit of a diff
Re:Deep Throat Knows (Score:2)
Re:Deep Throat Knows (Score:2)
Interestingly, I saw an advert featuring McGruff the Crime Dog [``Take a bite out of crime!''] detailing the dangers of identity theft. Sure, it was a little cutesy. For instance, one part showed a man taking a picture of a guy's credit card at the airport while the dog shouted ``Look! He's taking a picture of that man's credit card using his camera phone!'' However it did
Re:Deep Throat Knows (Score:2)
Far from being proved, I'd argue that I have yet to even see a convincing argument.
Terrorists usually work fairly low-tech, they try to not leave paper trails, and all the major terror organisations already have funding - either from wealthy arab families (Bin Laden is comfortably in the "never-have-to-work" category), from donations (Hisbollah, who are very popular with the people because they also build
No wonder (Score:5, Funny)
Re:No wonder (Score:2)
Or at least some horses.
The thing that I've always wondered... (Score:2)
Re:The thing that I've always wondered... (Score:3, Interesting)
Probably very few. If it is your own system you have to pay for the bandwidth. Or for even less money you can rent time on a botnet that runs on two thousand exploited Windows boxes. There are even Web based interfaces that will walk you through sending your spam. P
I've often wondered... (Score:4, Interesting)
We can do better than that! (Score:5, Informative)
Alternatively, if the spammer/zombie computer has port 25 open itself, have a netfilter rule that rewrites the destination address to that of the sender, increases the TTL, and sends the packets back in duplicate. Again, this is a resource-draining scheme. If it's an open relay, it'll get the spam and resend it. I believe the hop count for SMTP is something like 30 and each packet will go two ways along the wire, so it'll take 2^31 as much bandwidth overall, if a sufficiently large number of users set up this kind of loopback. Companies that simply don't care if their machines are zombies will suddenly notice a degradation of their networks but any packet monitoring they do will show all of the packets to have the IP addresses of their machines for both source and destination. At least some will zombie detox to save their sanity.
Re:We can do better than that! (Score:2, Interesting)
Re:We can do better than that! (Score:2)
Most routers are set by default or can be configured to drop packets arriving on the external port of the gateway where the IP address of the source is set to an address which is internal to the private network behind the gateway. These types of packets,
Re:We can do better than that! (Score:3, Interesting)
Re:We can do better than that! (Score:3, Insightful)
Tarpit aka "Teergrube" (Score:2)
Tarpits are a fine thing to do with
Re:We can do better than that! (Score:2)
Re:I've often wondered... (Score:2)
Imagine... (Score:3, Insightful)
Sadly, any trick (even as drastic as I've suggested) would only be temporary. People still click on random .exe files (and scripts) as fast as they come in. Any Dilbert, South Park, or Pokemon screensaver will be clicked on my some nitwit. I see the forum posts about how certain screensavers don't work. Well, of course they don't -- they're not screensavers, they're little servers designed to relay spam.
Given the vast numbers of idiots, and amateurs online here in the U.S., of course we're in the lead. (I have two teens -- both of them have clicked on evil .exe's -- firing off malicious code warnings on the Windows machines).
Educating the gajillion newly techno-blessed is the only way to get this under control.
How hard is it to understand, "If a stranger gives you an apple -- DON'T EAT IT!"
Do Americans have more, or just less secure, PCs (Score:3, Interesting)
Re:Do Americans have more, or just less secure, PC (Score:2, Insightful)
And why not stop and look at your comment and others: other than *ownership* of computers, the other major common factor here is Windows. It certainly isn't as though Microsoft isn't complicit in this. Look at the security holes and exploits and everything else that can be laid at their doorstep over
Re:Do Americans have more, or just less secure, PC (Score:2)
ISTR I saw some statistics a while ago suggesting that the UK had a far higher DSL/cable connections to people ratio than most other countries (I think even more than the US). Yet the UK is pretty low down on the list of spammers. Admittedly the UK population is lower than the US population though - they really need
Re:Do Americans have more, or just less secure, PC (Score:2)
With wireless support, which is not fully open, but properly secured by default.
Protection for Broadband Users (Score:2)
Re:Do Americans have more, or just less secure, PC (Score:2)
I'm sorry, I can't hear you yelling at me -- my irewall is blocking it.
I for one... (Score:3, Insightful)
Before you flip out and throw the "OMGOOSES MY FREEDOM" argument around, answer me this:
If you were being sent text messages to your cellphone, and being charged ten cents per text message, how long would you tolerate that?
The reason nothing is being done to combat this is due to the fact that when people spend hours cleaning off spam, they aren't even thinkinga bout the "Time = Money" equation. If they were, I think they'd be pretty hot about getting the senders punished.
Re:I for one... (Score:2)
Re:I for one... (Score:2)
I will also note that nominal fees for postal mail does not prevent people from sending me junk mail.
The problem is the ISPs who do nothing to clean up their networks, or who engage in pink contracts, and so on.
Charging for Email - Get the economics right (Score:2)
If you're proposing charging for email, you need to think about who's charging whom for doing what - if you get it wrong, then it's doomed to fail, but if you identify the economic actors and actions correctly, then people may or may not use your system but at least they won't hate you.
The fundamental transaction is that the reader is charging the sende
Re:I for one... (Score:2)
Captcha [wikipedia.org] seems to be the generally accepted jargon you were looking for, I believe.
Personally, I go one step further - my email is (aggresively) whitelisted too. Anyone I send to is on it, anyone in my address book is on it, certain "safe" domains are on it. Everyone else is out. If you're not on it, and you actually know me, and it's important enough for you to contact me then you can do so by other m
Spam Sources (Score:5, Informative)
I also use several other RBLs which have helped a lot.
I also decided to add the worst offending subnets in China as rules for my firewall to block. The worst offending subnet is 221.208.208.x where my firewall reports an almost constant barrage of IM spam, and from what I've read, this subnet has been a problem for years.
For your own blocking, the following script will get all the subnets used by China (or any other country you're interested in, just change $ctry):
#!/usr/bin/perl $ctry = shift || 'cn'; $_ = `wget -O - http://www.apnic.net/apnic-bin/ipv4-by-country.pl
At work, where I cannot do this, most of my spam is also received from China.
Out of the rest of the spam I receive, the US is actually pretty far down on the list of sources, though still much higher than places like the UK, Germany or France. The rest seems to come from places like Poland, Romania and Estonia.
Re:Spam Sources (Score:2, Interesting)
In other news.. (Score:2)
Eliminate the zombies (Score:2, Interesting)
A machine that supports it could ask the sending domain "Is this machine allowed to send email on your behalf?" The sending domain could simply answer "yes" or "no". That would immediately eliminate all the zombies, for those people wh
Re:Eliminate the zombies (Score:4, Interesting)
There is also nothing stopping the spammers from using SPF, and they do. In fact, in many surveys the spammers are registering domains and using SPF *more* than legitimate users are. SPF does mitigate some spoofing issues, but that's about it.
On its own its proven worthless. As part of more cohesive anti-spam strategy it might prove to have some value.
Re:Eliminate the zombies (Score:2)
Every time a spammer needs to register a new domain, it'll cost him money
Yeah. Sure. Like maybe $1.99. Domains are cheap; a spammer can quite easily register a domain, possibly even on the credit card of a random luser that got phished, configure some hosts and SPF records and send several tens of millions of spams in a few hours. All it takes is one valid order with a profit margin greater that $2 from all that and they are in the black, and if they get the timing right then with some registrars th
What a Poorly Written Article (Score:2, Insightful)
My milter reduces spam from fooled computers... (Score:2)
Whether it is a zombie, which is not supposed to have an SMTP server at all, or a legitimate mail-server fooled into relaying spam to you, my milter [virtual-estates.net] will black-list it for a few hours after your spam-detectors issue their first verdict against the relay.
Unlike with most blacklists, though, the damage from a false-positive is merely a delayed, rather than rejected (or, worse, dropped) message...
Re:My milter reduces spam from fooled computers... (Score:2)
Re:My milter reduces spam from fooled computers... (Score:2)
Not quite. The grey-list would require confirmation. My milter simply issues temporary rejections from an earlier suspected server.
A legitimate-but-fooled server may be cleaned-up by the time my automatic block expire. Taken-over zombies never retry anyway.
Re:My milter reduces spam from fooled computers... (Score:2)
Re:My milter reduces spam from fooled computers... (Score:2)
Oh, I see, what you are talking about... In my milter's case, however, it is not the unfamiliarity of an IP-address, but an earlier suspicion against it, that would place a relay onto the grey-list. "Presumed innocent until suspected guilty", so to speak, rather than the "presumed guilty" approach of other grey-lists.
The actual implementation is very light, requires no database-server, and is manageable with touch, ls, chmod, and rm :-)
Re:My milter reduces spam from fooled computers... (Score:2)
Because pf gets the packets before they are shown to userspace, they never even reach Sendmail. They are redirected to spamd, which is designed to use the minimum of resources and replies very slowly (about 10 minutes to send
ISP's and Open Ports (Score:2)
Then each customer could be limited to __ number of emails each day (perhaps 20). Beyond that they would have to log in and manually re-enable their account for another 20. People regularly exceeding their amount could apply for a higher threshhold.
A little inconvenient? Yes. More i
Re:ISP's and Open Ports (Score:2)
Re:ISP's and Open Ports (Score:4, Insightful)
Your mom probably doesn't need to run an email server. Neither does 99% of other ISP users. The far less than 1% (of which I'm included) that need specific ports opened up can do so by working with the ISP.
That would eliminate 99% of zombie spam right off the bat, without significantly affecting anyone. It may take you 5 minutes on the phone with tech support, but it closes a HUGE whole that is actively exploited by the spammers.
Bye-bye spam. It also takes a way a LOT of the motivation for creating zombie machines, so bye-bye much of the spyware and viruses (not all, but probably a noticeable amount).
So we aren't sacrificing freedom for security. We're tolerating a 5 minute phone call for 1% of users so that everyone can enjoy the internet far, far more.
Well worth it, if you ask me. Absolutely nothing is lost. A whole lot is gained.
Re:ISP's and Open Ports (Score:2)
As long as "working with..." means that you can go to the ISP's user interface page, authenticate, click a few buttons, and open the appropriate port immediately. Having to talk to a support rep who barely understands English, being asked 50 times to give a good reason for your desire to open the por
Re:ISP's and Open Ports (Score:2)
If Charter didn't give me good enough service, I'd switch to DSL or some other solution. There are some who only have the choice of one broadband provider, but that's the way it is with any service offered.
For the tiny amount of home users who have a legitimate reason to be running an email server (which is often against their TOS anyway
Re:ISP's and Open Ports (Score:2)
Re:ISP's and Open Ports (Score:4, Insightful)
The commercial drivers could (and may) complain that it's unfair that they have to go through the hassle of getting licensed and registered, after all, each thinks he is a perfect driver and poses no risk whatsoever. But I think most people would agree regulation of commercial drivers is a good thing and everyone benefits.
Likewise, those (myself included) wanting to do more than normal with the information super highway would likely complain if we had to take an extra step before being able to do what we want on the internet, such as running a web server or email server. But again, I think the benefits outweight the inconvenience 100 times over. I could call my ISP and be added to their open ports list in 5 minutes (ONCE), but I easily spend 10 minutes A DAY on spam, and often more.
Mind you, this is only on dial up and broadband accounts. Most T1 lines, etc, used for business wouldn't need this requirement as they already have administrators that keep things secure and zombies to a minimum, and RBL's already deal with most of the rest.
Re:ISP's and Open Ports (Score:2)
I receive maybe one or two spams per day on an e-mail address that's *public* (the contact address for my company)! Good spam filtering software shitcans 95% of the bad stuff. The rest takes about two seconds to delete per day.
-b.
Re:ISP's and Open Ports (Score:2)
But I'm webmaster for dozens of sites, all with various public addresses. Just because spam isn't a problem for you, doesn't mean it isn't a problem for most people.
A good indication of whether or not spam is still an issue (in general) is how often it's discussed, which is regularly on Slashdot, and frequently in many various news mediums and even daily conversation. Google returns 573,000,000 results for "spam", and the Ad Words column is full of ads for anti-spam solutions. Apparently
you have to put those numbers in perspective (Score:3, Insightful)
What I see (Score:2)
I suspect that if things were traced all the way through that many of the US and offshore groups are relate
Re:What I see (Score:2)
Re:What I see (Score:2)
Exactly. Again, the problem boils down to not the spammers, but the people paying the spammers. They'll still be around, so if you get rid of the spammers, the companies advertising via spam are going to find other sources.
Re:What I see (Score:2)
worrying? (Score:3, Informative)
Why is this worrying, in the sense that it needs to be mentioned explictly?
Most of the general public is not medically educated either, yet we have received spam about all sorts of pills for a long time.
And many do not know what 419 is, yet lots of those mails are sent as spam.
Lots of the spam I receive is in far-east languages which most western citizens are not skilled to read.
SPAM in itself is worrying, but there is nothing especially worrying about pump-and-dump.
China has surpassed the US (Score:2)
I blame Bill Gates (Score:2, Interesting)
Re:I blame Bill Gates (Score:2)
Sick of hearing about zombie botnets, spam cartels (Score:2, Insightful)
However, I would applaud a spamming company that slowly removed non-responsive email addresses from their spam lists and tailored their spam only to those few users who respond
Port Blocking and interface? (Score:3, Interesting)
- would it be possible to selectivley block ports?
- provide an ISP based UI, where you could unblock ports based on your account?
- if both above are doable, what over head would this provide?
- maybe provide different default configurations based on the type of user you are (technophobe, newbie, average home user, business user, power user, etc)
- how well would such a solution go down?
Sure you could ask everyone to install the equivalent of zone alarms, but this is not always going to happen.
Re:Port Blocking and interface? (Score:2)
Yep, that's exactly what I was thinking. Just no extra charge for unblocking ports, please?! To avoid automated scripts that ask for the user's name and password and then log in automatically, protect it with a captcha or audio prompt.
-b.
Re:Port Blocking and interface? (Score:2)
that was one of my ideas for a new product or company: a firewall that sits AT the ISP side of things and lets the user create USEFUL filters to block things BEFORE they hit -his- wire.
once they leave the ISP and are on your WAN connection, filtering them isn't going to get you the stolen bandwidth back. but if you can configure firewall filters (useful ones, based on what the user defines, with good flexibility) at the ISP
But How Many Computers? (Score:4, Informative)
http://www.c-i-a.com/pr0904.htm [c-i-a.com]
Here's what they show. I've added the % of spam coming from each country as the last entry in each line:
Top 15 Countries in Internet Usage
Internet Users (#X1000) Users% Spam%
1. U.S. 185,550 19.86 23.2% of spam
2. China 99,800 10.68 20.0%
3. Japan 78,050 8.35 1.6%
4. Germany 41,880 4.48 2.5%
5. India 36,970 3.96 N/A
6. UK 33,110 3.54 1.8%
7. South Korea 31,670 3.39 7.5%
8. Italy 25,530 2.73 3.0%
9. France 25,470 2.73 5.2%
10. Brazil 22,320 2.39 3.1%
11. Russia 21,230 2.27 N/A
12. Canada 20,450 2.19 N/A
13. Mexico 13,880 1.49 N/A
14. Spain 13,440 1.44 4.8%
15. Australia 13,010 1.39 N/A
Top 15 Countries 662,360 70.88
Worldwide Total 934,480 100
It looks like the USA's numbers are right about on track with most other countries with China way out in front as to percent of the spam problem compared to percent of Internet connected computers. What's this? France has twice the percent of spams relaying through their country compared to the percent of Internet users? For shame!
can't say I'm surprised - spam me me me! (Score:3, Interesting)
Polute the world, polute our mailboxes, and be damned anyone who dares question whether this is moral or not!
Funny thing is: my spam filters are now much improved! Thanks!
Per capita or per connection? (Score:3, Informative)
How about a graph of "# of known connections in country vs amount of spam). If country X is only contributing 2% of the spam, but they've got 2% of the overall population and only 25% of that is connected... it shows a little more how the local control on such things may be a bit... lax.
China and S. Korea are worse on per-user basis (Score:3, Insightful)
My mailserver thinks ... (Score:2)
US 28.1%
CN 10.0%
UA 8.5%
KR 5.2%
DE 4.7%
FR 3.5%
PL 3.5%
ES 3.0%
IN 2.8%
BR 2.6%
IT 2.6%
RU 2.4%
JP 1.9%
GB 1.8%
CA 1.6%
TR 1.4%
NL 1.3%
MX 1.
Re:Correction to the Correction (Score:2, Flamebait)
Dude, you meant British citizens.
Have you forgotten about Shaun of the Dead?? [movie-gazette.com]