The Deadly Duo: Spam and Viruses, May 2004

The spam volume remains unchanged over the month, but Internet users don't have reason to celebrate, as the plateau is not indicative of an imminent decline in unwanted messages.

A small nugget of good news lies buried among the mountains of unsolicited commercial email: the spam volume held steady from April to May, according to two leading email processing firms. Brightmail’s Probe Network found that spam leveled at 64 percent, while Postini measured the monthly volume unchanged at 78 percent.

According to Brightmail’s assessments, the last time the spam volume was unchanged was August 2003 when it maintained a 50 percent level.

But Internet users shouldn’t be optimistic, and Andrew Lochart, director of product marketing for Postini, notes that the plateau is not indicative of an imminent decline in spam volume. Lochart comments on the chief factor for the unchanged volume: “There is a built-in leveling when spam is reaching this rate, because it can’t grow as fast anymore.” Lochart adds, “Month-to-month measurement is not enough for us to claim victory and expect to see a decline.”

While the volume may have temporarily stalled, the distribution of spam among certain categories has changed. Brightmail measured a slight increase in the amount of adult-related spam, indicating that spammers were not deterred by the new rule from the Federal Trade Commission (FTC) ordering sexually oriented unsolicited email to be labeled as of May 19. Most of the spam continues to be product-related, with the largest growth in the scam spam category. Brightmail reports that there were 102,517 consumer complaints about Internet scams made to the FTC in 2002, representing a nearly 100 percent increase over 2001.

May 2004 Spam Category Data
Type of Spam April Volume May Volume Change
Products 23% 22% -1
Financial 18% 17% -1
Adult 15% 16% +1
Health 9% 10% +1
Scams 7% 9% +2
Other 6% 6% 0
Fraud 5% 5% 0
Internet 7% 5% -2
Leisure 7% 5% -2
Political 2% 3% +1
Spiritual 1% 2% +1
Source: Brightmail Logistics and Operations Center (BLOC)

Where’s all the spam coming from? According to Commtouch, Yahoo.com and the United States are the perfect combination of conduits for spammers. Commtouch’s executive vice president, Avner Amram, explains: “Many mail servers reject incoming email attempts at the start of the receiving session (SMTP) [define], if the receiver of the email message is not recognized on the system. The mail server which Yahoo.com uses doesn’t support this feature in the beginning of the receiving session, but rather at the end of it.”

The Top 10 Domains Used by Spammers, May 2004
Yahoo.com 6.46%
Hotmail.com 4.81%
MSN.com 4.30%
Attbi.com 1.78%
AOL.com 1.28%
Canada.com 0.38%
Excite.com 0.23%
Comcast.net 0.22%
Netscape.net 0.22%
Earthlink.net 0.21%
Source: Commtouch

Lochart maintains that identifying unusual traffic behavior from a particular IP [define] address is the first layer of defense against spam, and through its 400 million SMTP connections every day, 53 percent is blocked before content is evaluated. “Unusual behavior is the red flag. We [Postini] don’t even have to look at your message to know that it is something we don’t want to deal with.”

Despite spammers’ creativity, they have not been successful in modifying IP addresses. “Everything in an email message could be spoofed, but they can’t forge the IP address of the person sending the message. It’s the only thing that is unique,” says Lochart, which leads spammers to turn “Grandma’s” computer into a zombie [define].

Research from Sandvine revealed that up to 80 percent of spam is likely generated from zombie PCs that house spam trojans [define]. Sandvine explains that spam trojans are usually installed by worms or spyware, and they exploit vulnerabilities created by worms in order to bypass normal email routing and drop spam messages directly into end user machines.

Trojans are among the nuisances that Internet users encounter, while viruses are often destructive. Of the 5.7 billion messages Postini processed in May, 107,901,554 were identified with viruses – an increase of 0.3% from April.

Top Ten Viruses of May 2004:
Virus Name Quantity Detected
1. netsky 70,360,394
2. objectdata 11,548,333
3. sober 10,057,537
4. mime 6,469,549
5. bagle 4,267,388
6. lovgate 1,147,340
7. klez 936,758
8. dumaru 756,743
9. mydoom 703,753
10. mhtredir 224,699
Source: Postini

Subscribe to get your daily business insights

Whitepapers

US Mobile Streaming Behavior
Whitepaper | Mobile

US Mobile Streaming Behavior

5y

US Mobile Streaming Behavior

Streaming has become a staple of US media-viewing habits. Streaming video, however, still comes with a variety of pesky frustrations that viewers are ...

View resource
Winning the Data Game: Digital Analytics Tactics for Media Groups
Whitepaper | Analyzing Customer Data

Winning the Data Game: Digital Analytics Tactics for Media Groups

5y

Winning the Data Game: Digital Analytics Tactics f...

Data is the lifeblood of so many companies today. You need more of it, all of which at higher quality, and all the meanwhile being compliant with data...

View resource
Learning to win the talent war: how digital marketing can develop its people
Whitepaper | Digital Marketing

Learning to win the talent war: how digital marketing can develop its peopl...

2y

Learning to win the talent war: how digital market...

This report documents the findings of a Fireside chat held by ClickZ in the first quarter of 2022. It provides expert insight on how companies can ret...

View resource
Engagement To Empowerment - Winning in Today's Experience Economy
Report | Digital Transformation

Engagement To Empowerment - Winning in Today's Experience Economy

1m

Engagement To Empowerment - Winning in Today's Exp...

Customers decide fast, influenced by only 2.5 touchpoints – globally! Make sure your brand shines in those critical moments. Read More...

View resource