Record Broken: 82% of U.S. Email is Spam

Datamation ^ | May 5, 2004 | Sharon Gaudin

[FourPeas]

Outdoing most analysts' worst predictions, spam accounted for 82 percent of all U.S. email last month.

After a two-month drop in spam, the number of unsolicited bulk email skyrocketed in April, bringing the saturation number up to record levels here in the U.S. and across the world, according to MessageLabs, Inc., a security company based in New York.

''This is as bad as we've seen it,'' says Paul Wood, chief information security analyst for MessageLabs. ''I think it's likely that it will continue to rise but perhaps not at the same rate that it did in the past month.''

And April did show a dramatic increase.

According to Wood, spam was on a steady increase last year, going from a 50 percent saturation in the middle of 2003 to 63 percent in January of this year. But then there was a largely unexpected sharp decline. February saw the rate drop to 59 percent, and March was even lower at 52.8 percent. That means in March, spam accounted for 52.8 percent of all the email traveling around the world.

But that drop was short-lived.

In April the rate shot back up, surpassing the January high, to hit 67.6 percent globally. And here in the United States, it hit 82 percent.

''You have to wonder if this will eventually affect people using email,'' says Wood. ''We haven't seen a decrease in email usage but we'll have to see how high the numbers go.''

Earlier in the year, security analysts warned that spam was increasing at such an alarming rate that they expected it to make up 80 percent of all email by the third quarter of 2004. That prediction was several months off.

And spam has a big market to target.

The Radicati Group, Inc. reports this week that there now are 980 million active email accounts around the world, and 40 percent of those are corporate accounts.

Wood says he attributes the drop in spam during February and March to the CanSpam Act that went into effect this past January. He adds, though, that the act, which has been criticized for not having enough enforcement teeth and for allowing far too much unsolicited email to continue to flow legally, hasn't stopped spamming. Wood says he figures that the major spammers just slowed down operations so they could figure out how to better dress up their spam to make it appear to fit into the legal limits.

Once that was done, they could resume operations with even more force.

''It's not legitimate,'' says Wood. ''It's just dressed up to make it look that way.''

Wood also attributes the rise in spam to the huge number of open proxies on the Net.

Virus writers began teaming up with spammers last year, and so far it's been a dangerous combination. Virus writers send out malicious code that infects computers and opens a back door in the machine. A hacker then can use that back door to remotely control the computer, sending out more viruses, Denial of Service attacks or millions of pieces of spam.

Wood estimates that 70 percent of spam is sent through open proxies.

[bootyist-monk]

The most interesting proposal that I've seen is to create a gateway at ISP. Anytime email is sent, the first thing that happens is that the ISP asks your computer to solve a small math problem that is randomly generated. Nothing it can't do in 5 seconds or so. You wouldn't even notice it.

However, for a Spammer sending out hundreds of thousands of emails, think of the torture of them going out at the rate of 12 per minute.

[CIB-173RDABN]

I also do not understand those that actually buy any thing via spam, but I think it is the fact the cost of spam (to the sender) is nothing, and they can send out millions of offers, they only need a very small group to respond to make it worth while.

I will be surprised if this problem is not solved within ten years. I don't know what the ansewr is, but it is costing businesses a lot of money to fight spam, sooner or later they will take some of that money and get a solution. The cure may be worse then the problem, but it will be solved.

[Psycho_Bunny]

Interesting.  I'm running GFI MailEssentials on my 300-user network and averaging 72% spam. 

GFI seems to miss around 1 out of 15 spams but I had users who were getting 60 spams a day now get 2 or 3.

At $1,250.00 for unlimited usage, MailEssentials was an awesome deal.

[RightWingAtheist]

[nhoward14]

Because those programs let messages through that he is able to stop.

[justlurking]

While it isn't necessary an "open proxy", spammers are starting to convert compromised systems on DSL and cable-modems to something that can send spam.

The system is compromised by one of the various worms (email or port-scanning), giving the attacker unrestricted remote access to the system. The attacker then sells a list of IPs to a spammer, who uses them to relay spam.

To avoid becoming an unwitting participant, practice the usual safe computing:

1. Use a firewall (preferably a hardware firewall: they are down to almost the same price as software firewalls).

2. Use an email scanner to check your incoming email. Don't open attachments that you don't expect or recognize. Use something besides Outlook Express.

3. Don't download/install software from the 'Net unless you are sure it is from a reliable and reputable source.

[kms61]

One big difference: The junk mailers pay postage. The spammers pay nothing. In effect, YOU'RE being charged for spam email you don't want.

[aruanan]

Mine is at least that. I easily get over 50 a day. Most of them are from Pacific Advanced, Sapphirex Access, and Instant Refinance. They either contain nothing or contain about 2 paragraphs of text from some random book of literature or their screed. There's no provision to unsuscribe (if that would even work). I wish I had a way of locating the originator, tracking him down, and force feeding him Spam until he exploded.

[Proud_texan]

I just changed my email address as well but there's a good chance that even if you don't give it out that it won't find it's way into spammers lists before too long.

I keep close tabs on my mail server logs and it's amazing how many directory attacks there are; spammers using open relays to send email to a long list of names in a sheer brute force attempt to find valid addresses (an invalid address returns an error).

Even with ORDB blocking installed some still get through before they're trapped by some server code I whipped up (two wrong addresses and the IP is booted and blocked).

If your ISP or whoever runs your mail server doesn't do a fair amount of work to stop directory attacks and if you use an email name that's in an attack dictionary they're gonna find you, sooner or later.

Somewhat depressing, I know, but that's the way it is...

[FourPeas]

Usually what the provision to unsubscribe does is tell the spammer that the e-mail address goes to an actual person rather than a machine. Therefore, those e-mail addresses that respond and click on the "unsubscribe" link are sent more spam. Spammers are nasty.

[aruanan]

If your ISP or whoever runs your mail server doesn't do a fair amount of work to stop directory attacks and if you use an email name that's in an attack dictionary they're gonna find you, sooner or later.

I sent the originating addresses to my school's IT people asking them to just do a university wide block, but I've gotten no response. I know that at least one university in Europe has blocked Pacific because I did a google search on that originating email address. So I wonder if there's any way the government can pass a law that permits such spammers to be shot through the lungs. That would be one way of getting them to stop.

[amigatec]

I got 4 SPAMS in November, 2 in January, 1 last month, and 1 the other day.

That makes 8 total since June and I run NO SPAM blocking software.

I run Mandrake Linux as a primary OS and run a Linux firewall with SquidGuard blocking the ads.

I don't have a problem with SPAM.

[Drango]

I don't have a problem with SPAM

Yeah but I bet dollars to donuts you can't (don't) post to usenet or list your email on any web page. You don't have a problem 'cause you don't use it....

[amigatec]

I run an open source project on Sourceforge.net and my real email address is posted ALL over the net.

It's simple I block the ads and spyware doesn't run on Linux.

[madison10]

85% seems low. I just cleaned out my mailbox. Total e-mails 485. Total keepers 15. Total waste of space.

[dickmc]

I have been thinking about this for some time as getting
about a 100 spams a day is really becomming irritating
even with Eudora which has an excellent junk mail automated filter.

How about making it legal to stop credit card payment and
keep the product. The only requirement would be to save
a printed copy of the original spam mail.

This way the spamer's profit would instantly stop and
if wide enough the spamer's client profit might actually
become negative. (Sending out hundreds of products
with only a few paid for.)

Would be a bit tough on the credit card agencies but
I suspect that most of that kind of thing is automated
anyway.

Where spam is already illegal, blocking a credit card
charge might also be a way to flush out the spammer.
I can't imagine a spammer selling a product really wants
the public visibility of trying to force payment.

[ModelBreaker]

I keep thinking that there must be some way for legitimate senders to identify themselves to my account in such a way that if they fail to do so, the mail does not come through. Is it really that complicated?

You can do that too. Most isp's have an option that lets you require that any sender identify themselves as a human--not a machine--before the email gets thru. They have to type in a word that they see.

[Joe_October]

I don't know if they are making money on it. If you start a business or want to sell a product, you get contacted from people who will send out a million emails for you. You pay them and they send the mail. Whether you get a return on your investment or not is anyone's guess. I would guess no, but the guy who sent the spam got his money already.

[dickmc]

Joe re your reply and Post 56

If, however, the product sellers can't make a
profit because of credit card customers not
allowing payment, (a point which would be after
they have shipped the product promoted by the
spam and given a legislation that says it is OK
to deny payment because it originated by a spam mail
a copy of which the customer has retained), then
there would all of a sudden be no incentive for
such companies to use spam mail.

Clearly because of a retained spam mail showing
the link to the company pushing the product there
is an unarguable nexus between the spammer and
the company pushing the product, either directly
or indirectly.

The bottom line is that the profit would disappear
and thus the reason for spamming in the first
place.

[steve-b]

look at the list of tricks he has seen used

The law should treat "tricks" used to bypass a spam filter the same way it treates "tricks" used to bypass a password prompt -- as a form of computer cracking. (For those of you keeping score at home, that's a crime that can get you five years in prison. While I'd prefer something along the lines of Abu Ghirab, I'll settle for sending spammer to a regular Federal pen.)