A new report on spam traffic on the Internet was recently released by the German computer security firm Eleven, which had earlier this summer released statistics on the recent doubling in size of monthly spam email traffic worldwide -- this new report correlates the country of origin of spam mail with the category of website to which the spam links.
Spam email is not just an irritant for email system administrators, but is also a great problem for web hosting providers, in that increases in spam traffic reduce the general performance of the Internet and tarnish the reputation of all web hosts. Web hosting providers must also worry about their own data centers becoming infected and taken over as unwitting purveyors of spam.
Indicators on the country of origin of spam do not pinpoint the original spam propagator, but only the location of the botnets, or networks of infected workstations, that send out the spam. So, this report therefore only gives indications of which countries have had their IT infrastructure infected more so than others. However, the linking of these geographical regions of infection to specific topics of spam is much more conclusive.
The first conclusion is that botnets are not general-purpose -- each one is specific to a particular topic of spam, such as gambling, software or pharmaceuticals. The leader in spam among all topics for October 2011 was online casino gambling, accounting for over half of all spam worldwide. Spawned from botnet sites in Vietnam, Brazil, Indonesia and India, this type of spam traffic, like many other types, appears to follow a chronological cycle, starting slowly and building up in daily intensity over a few weeks, then totally stopping for a day or two before returning for a week at very intense daily levels.
Spam that offers luxury items for sale, such as watches or jewelry, was next after online casinos in traffic totals; spam for cheap versions of obviously counterfeit well-known software was next, followed by offers of pharmaceutical drugs, especially those promising virility enhancement -- Indonesia appears to be the major source for this increase in these three categories of spam.
One of the most interesting statistics was the drop in spam traffic from Russia, formerly a leader in spam traffic. This drop may be attributable to the takedown last spring of the Rustock botnet, one of the world's largest botnets -- there were estimates that this rogue system contained as many as two-and-a-half million infected Windows workstations, mainly in the United States and Europe. The takedown of Rustock corresponded with a major decrease both in spam traffic from these countries and in spam worldwide for the pharmaceutical category.
