SCCyberworld

Thursday, October 18, 2012

India Spews More Spam Than Ever Before, as UK Returns to “Dirty Dozen”

SophosLabs research shows one in every six spam messages now relayed via computers in India

Kuala Lumpur, Malaysia, October 17, 2012 –IT security and data protection firm Sophos has published its latest 'Dirty Dozen' report of spam-relaying countries for the third quarter of 2012. Since the previous quarter, India has grown its lead at the top of the hall of shame, and now relays 16.1% of all spam captured in SophosLabs’s global network of spam traps.

The US, which was once a permanent fixture as the leading superpower in the spam stakes and last topped the table in the same period a year ago, has risen one place since last quarter and now relays one in 15 of all spam emails.

The UK, which has managed to remain out of the top twelve spam-relaying countries for the last four consecutive quarters (having last appeared in April - June 2011) makes a return to the list, in twelfth place.

The top 12 spam-relaying countries for July to September 2012 are as follows:

Country
1.         India                            16.1%
2.         Italy                             9.4%
3.         USA                             6.5%
4.         Saudi Arabia                5.1%
5.         Brazil                           4.0%
6.         Turkey                                     3.8%
7.         France                          3.7%
8.         South Korea                 3.6%
9.         Vietnam                       3.4%
10.       China                           3.1%
11.       Germany                      2.7%
12.       United Kingdom          2.1%

Other                           36.5%

Saudi Arabia is the top new entry this quarter, relaying a significant 5.1% of spam for the period.  This is likely caused by the Festi botnet which successfully infected many computers there in August and then used the computers to swamp the rest of the world with large quantities of spam. Other new entries since last quarter are Turkey and Germany, while Pakistan, Russia, Poland and Thailand have all dropped out of the table. 

As noted in Sophos’s April-June 2012 Dirty Dozen report, India is home to 5.3% of the world’s internet users*, making it the third most connected country in the world after China and the USA. However, given that only 10.2% of the population of India are internet users, the current lack of IT security measures taken to protect computers in the region will likely lead to further problems as more of India’s citizens get online.  

“Spam emails arrive in your inbox via other people’s infected computers,” said Graham Cluley, senior technology consultant at Sophos. “The latest Dirty Dozen report suggests that a not insignificant number of PCs in India are harbouring malware infections that turn PCs into spam-spitting zombie slaves, controlled by the cybercriminals who make money by punting junk emails to promote questionable goods, or simply use malicious spam to infect more computers.  The authorities in India need to make IT security education a priority.  One would be safe to assume that, if computer users in the country are being targeted in order to relay spam, they are likely victims of other online threats such as fraud.”

Sophos recommends that organisations and ISPs implement technology and follow best practice to ensure that malicious emails are not reaching inboxes. 

Taking a global view, Asia is still the worst offending continent, responsible for almost half of the world’s spam, followed by Europe and South America. Top spam relaying continents for July-September 2012 are as follows:
Continent
Asia                 48.7%
Europe             28.2%
South America 10.2%
North America 9.5%
Africa              2.9%
Other               0.5%

“Spam is still a big threat to computer users, particularly for those who might not be aware of the simple dangers of clicking on links in unsolicited emails,” continued Cluley. “This could represent a ticking time bomb as Asian nations like India and China – which actually have comparatively few computer users in terms of their overall populations – continue to become more connected.” 

Further information about the latest Dirty Dozen report can be found on Sophos's Naked Security site at: http://nakedsecurity.sophos.com 

No comments: