Symantec Says It Doesn’t Pay to Get Up

Today the company stated that, on corporate networks, slightly over 90 percent of e-mail traffic is spam. (I wonder if that includes edicts from above!)

When I saw that figure, I thought of two things – Is it really bringing the spammers enough revenue to be worthwhile?  Where are the botnets located?

from ComputerWorld

Spammers seem to be working a little bit harder these days, according to Symantec, which reported Tuesday that unsolicited e-mail made up 90.4 percent of messages on corporate networks last month.

That represents a 5.1 percent increase over last month’s numbers, but it’s nothing out of the ordinary. For years, spam has made up somewhere between 80 percent and 95 percent of all e-mail on the Internet.

Symantec reported that nearly 58 percent of spam is now coming from so-called botnets –networks of hacked computers that can be misused by criminals to steal financial information, launch attacks or send spam. The worst of the spamming botnets — called Donbot — generates 18.2 percent of all spam, according to Symantec.

These botnet computers can be rented out on the black market by anybody, but in recent months some spammers have been moving away from botnets, experimenting with a new way to sneak their unwanted e-mail past corporate filters, according to Adam O’Donnell, a researcher with antispam vendor Cloudmark.

This makes me wonder if anyone really cares, as something that has a name, must have been found by IP address, and so should be able to be defended against very easily, and on the other hand, traced, and eventually shut down.

Perhaps this is being done, as the article tells us that Facebook and Twitter are being hijacked by spammers now.

“Some of the larger ISPs are seeing a lot of non-bot-driven spam,” O’Donnell said. With these campaigns, the spammer will rent legitimate network services, often in an Eastern European country such as Romania, and then blast a large amount of spam at a particular ISP’s network. The idea is to push as many messages as possible onto the network before any kind of filtering software detects the incident. Spammers are sending hundreds of thousands of messages per day using this technique, O’Donnell said.

Social networks are also becoming an increasingly important spammer’s tool. Over the past week, criminals began taking over both Facebook and Twitter accounts, stealing users’ passwords with different phishing attacks.

These stolen accounts are then used to spam the friends of the phishing attack victims.

In the case of the Twitter attack, the hacked accounts were used to send out bogus Twitter messages promoting a free trial of an acai berry dietary supplement. Security experts say that social-networking spam is particularly effective because it can’t be filtered at the corporate firewall and appears to come from a friend of the recipient.

I’m certain it is harder than what I believe it to be, but also easier than continuing to deal with the problems on an ad hoc basis. A concerted effort should be made to eliminate rogue e-mail, but then there is the question of how.

Isn’t this what Microsoft was trying to do a couple of years ago? The trouble was that Microsoft wanted to make money from the deal, and make little guys pay for the technology. Perhaps Google (the only big guy company who will do things for the public good, it seems) should get something going, and let others in incrementally.

Since every report I’ve read states that much of this spam, and other malware begins outside the U.S borders, there should be extra levels of inspection for foreign packets – an IP Customs of sorts.

The entire report from Symantec is found here (pdf).

§

‘

if everyone had a SmoothWall, spam would be less a problem!