Anti-spam companies identified a pattern where spammers jump to new TLDs (define) after using existing ones for a matter of hours. McAfee Avert Labs noticed spammers registering for domains on small islands with their own TLDs. Domains are registered at such islands as Tokelau (.tk); Isle of Man (.im); and Sao Tome and Principe (.st) and used for as little as one hour.
“[Spammers] literally hop between domain registrations in order to evade filters,” said David Marcus, security research and communications manager at McAfee Avert Labs. “They’re really thinking two or three steps ahead to avoid the filters.”
Use of small-island domains may be on the rise, but a statement released by the European Commission calls for increased efforts among member states to fight spam. Despite extensive European Union legislation, the member countries continue to “suffer from illegal online activities from inside the EU and from third countries,” the commission said in the statement. It cites the “Dirty Dozen” from Sophos to outline the top countries for their spam output.
|Top Spam-Relaying Countries, July-September, 2006|
|2||China (incl. Hong Kong)||13.4|
|Source: Sophos, 2006
Spam originating from within the U.S. accounts for 21.6 percent of spam, toping the list by country. Asia is first in relaying spam when the data’s broken down by continent; it sends 34.1 percent of the world’s spam. Spammers send 31.9 percent of spam from within Europe; 24.2 percent from North America; and 8.3 percent from South America.
The third quarter of 2006 saw an increase in the number of proof-of-concept programs and more Microsoft Office-focused attacks, according to Kaspersky Lab.
|Online Scanner Top 20 for October 2006|
|Other malicious programs||19.01|
|Variants from the Warezov family||27.31|
|Source: Kaspersky Lab, 2006|