Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Spam United States The Internet

U.S. World's Foremost Spam Nation In 2004 274

Posted by timothy from the then-why-is-mine-mosly-cyrillic? dept.
der Kopf writes "As reported by ZDNet, '42 percent of all spam sent this year came from the United States,' which makes the U.S. the unthreatened king of the 2004 spam hill. Number two on the list is South Korea (with 13.43%), while China can be found in third place (with 8.44%). The U.S. put out more spam this year than all the other countries in the top 12 combined." All depends who's counting, I guess.
This discussion has been archived. No new comments can be posted.

U.S. World's Foremost Spam Nation In 2004 More

U.S. World's Foremost Spam Nation In 2004

Comments Filter:

  • And it's mostly coming from fucking idiots... (Score:5, Interesting)

    by Anonymous Coward on Saturday December 25, 2004 @12:08PM (#11180968)
    ...with owned, unpatched Windows machines sitting directly on cable or DSL connections.

    If Comcast and Verizon spent half as much on cracking down on their moron customers as they do on mailers begging me to use their Internet services, they'd have this problem under control in no time.

  • A better question... (Score:4, Interesting)

    by Mhrmnhrm ( 263196 ) on Saturday December 25, 2004 @12:13PM (#11180982)
    How did they come up with their numbers? I can easily see the US leading because of zombified Windows machines, but where are the ISP mail relays those zombies are using?

  • Spamvertised web sites in China (Score:5, Interesting)

    by MightyYar ( 622222 ) on Saturday December 25, 2004 @12:34PM (#11181054)
    I report all my spam via Spamcop.net [spamcop.net], and while I don't have any numbers, it seems like almost all of the spamvertised web sites reside in China.

    My understanding is that if you could close down the spamvertised sites, spam would largely be restricted to phishing attacks. If I didn't believe this, I probably wouldn't bother using spamcop!

  • Sure it will (Score:3, Interesting)

    by rsilvergun ( 571051 ) on Saturday December 25, 2004 @12:47PM (#11181099)
    as the center of the world's economy moves away from the US (which is is). Americans have way too high a Standard of Living. Worse, we've got a high SoL for most anybody here. The rich bastards of the world are busy ballancing the books and it looks like India and China (with their hugh, easily abusable populations) will come out ahead. Just give it time and the spammers won't have nearly enough Americans with more money than sense anymore, but they'll be plenty elsewhere.
  • You've managed to put your finger on the biggest problem in the Western social and economic system, that corps have the same rights than humans but none of the responsibility .

    Though I don't think hitting the corporations financially as punishment really works. Large corporations will typically build in potential losses from economic punishments for misdeeds into their business model. A company may knowingly release a product they know to be unsafe, and simply put a portion of their profits aside for paying out of court settlements to victims.

    In essense, this is akin to saying that it's alright for me to go around killing people without fear of jail if I can afford to pay the victim's families a large portion of money.

    What I'd like to see is criminal charges brought on descision makers in corporations who knowingly use unsafe methods to produce a product that they know to be dangerous. In other words, a manager who makes the decision to save $0.02 on each product produced by using a less safe part won't be hedging those cost savings against the potential court costs from the families his company's product kills, he'll be hedging it against the very real possibility that he himself may face prison time for multiple murder charges.

    We cannot give large corporations exemption from responsibility on a human level. We see corporations as faceless entities, but there are always human beings behind the scenes making decisions on how that corporation acts. If we start making those humans accountable for the actions of the company for whom they make decisions, I think we'd start seeing quite a bit more safety, envrionmental and social responsibility in the corporate world.

  • Just because all of this spam is coming from America, doesn't mean Americans are the spammers. Most of the spam, I would be willing to bet that most of that mail is from stupid Windoze users getting pwned and having their "super-fast", "always on" connections that they don't even know how to use. But take a look at who writes these viruses and stuff, they whould be the ones held accountable for all of this traffic. Also, look at the spamhaus lists or such, how many of them are American? Not many. So before all of you foreigners go on your self-righteous, America bashing campaigns, take a look at the facts and not just some bullshit those dirty, dental hygienically challenged bastards from across the pond are spewing forth.

  • Who is the real badguy? (Score:4, Interesting)

    by mahesh_gharat ( 633793 ) on Saturday December 25, 2004 @01:37PM (#11181274)
    Yeah, most of the spam is also US centric. It mainly contains either Via9ra or P3ni5 enlargement programs. Most of the people out side US receive these mails and some stupid amongst those who really want to purchase those products by reading the mails can not buy since most of these products even don't have distribution network outside US.

    One of my friends, who work for a US based company, which sells cigarretes online. All this guy has to do is get some working email ids and send the mail drafted by the US based company. He does this from location outside US though. This guy has written a UserAgent (Robot) which goes to Yahoo and grabs the email ids at random and mails them. Untill this it looks very bad but if you see inside they do get enough business through this channel for their survival at least. They do not have any other business channel other than this and they are doing fine.

    Even if this guy is generating the SPAM from the location outside US, he is doing it for his master sitting there in US.
    Now, who is the real badguy?

  • Re:And it's mostly coming from fucking idiots... (Score:1, Interesting)

    by Anonymous Coward on Saturday December 25, 2004 @02:05PM (#11181373)
    My company uses Verizon DSL and we've been having a lot of problems lately due to getting dynamically assigned IP addresses that have been previously used by customers with trojaned machines. The IP addresses have been made it onto some spamming blacklists, but Verizon doesn't bother to remove them from the pool, so I find emails to customers and business partners disappearing into the ether thanks to the blacklists (unless I keep unplugging the DSL modem until I get a decent IP address). Maybe if Verizon customers start to realize why their emails aren't getting through there will be some pressure on Verizon to get off its ass and police its network...

  • Re:Spamvertised web sites in China (Score:4, Interesting)

    by Zocalo ( 252965 ) on Saturday December 25, 2004 @02:07PM (#11181375) Homepage
    it seems like almost all of the spamvertised web sites reside in China.

    Not for long I suspect, I do quite a bit of statistical analysis of spam and there are definitely changes in progress. Over the two years or so, there has a swing from using open relays and "bullet proof" hosted servers to actually send the spam to using compromised boxes on broadband connections. This is reflected in the report; a move from IPs in China to those in DSL pools countries with sizable adoption of broadband connectivity.

    The actual sites being spamvertised however have remained solidly in the traditional havens where ISPs with questionable anti-spam policies can be found. However, over the last few months in particular I have seen steadily growing numbers of spamvertised sites that are also being hosted in DSL pools, undoubtably on compromised boxes. From a spammer's perspective this is a no-brainer (no more hosting fees) so it's fairly obvious that this trend will continue I think.

    There are both good and bad points to this. The bad is that it makes traditional SpamCop style IP reporting almost unworkable - there are so many unpatched boxes that an ISP has no chance at dealing with them all. It was a game of Whack-a-Mole to start with, only now the number of holes that the moles can pop up from has gone up by a few orders of magnitude. The good however is that DNSBLs of the actual domains being used instead of the IPs, such as the SURBL lists, that can be generated from SpamCop submissions are *incredibly* good indicators of spam - so keep up that SpamCop reporting!

    More contentious though, is how ISPs might respond to this new spammer tactic. The simplest solution is probably going to be further restrictions on what an IP on a broadband connection can and cannot do. I expect to see more DSL services that are blocked prevented from running servers on certain ports, forced to send email through the ISP's gateway server, and possibly even outright firewalling of certain "remote access" ports like NetBIOS, RPC and so on.

    Frankly, given the rising tide of spam, ever increasing port scans bouncing off my firewall and almost total apathy of J.Sixpack in keeping his/her PC patched, I'm getting more fond of this idea every day. What I'd like to see is ISPs offering "standard" DSL packages with the kind of restrictions I mentioned above stated up front, alongside an unrestricted "premium" package - it could even cost a little extra. Alternatively, there is the middleground approach that my ISP uses: you can't run an email server by default, but send tech support and email and they'll unblock port 25 for free and periodically check that you are not running an open relay.

    One thing's for sure, if/when ISPs do respond to this latest spammer tactic, the spammers simply move the goalposts yet again. :(

  • Just after Christmas last year I noticed quite an uptick in spam attempts on my mailserver from U.S. residential broadband IPs. Clearly this was from new computers received as Christmas gifts getting quickly zombied.

    All the people who came downstairs this year to find a shiny new Dell or Gateway under the tree should be getting their machines owned by spammers right about..... now. So prepare for another post-Christmas onslaught as the spammers play with all their newly-acquired toys.

    ~Philly

  • Re:And it's mostly coming from fucking idiots... (Score:3, Interesting)

    by idiotnot ( 302133 ) <sean@757.org> on Saturday December 25, 2004 @03:57PM (#11181704) Homepage Journal
    I have a Verizon customer who attempts to send my mail server around 1k emails per hour. I complained to Verizon three and a half months ago. They shut the host down for about a week, then let him back...same thing. Normally, I get between 17 - 22k blocked connection attempts from ipfilter _from this one host_ per day.

    I complained again, and they didn't do anything. I really can't imagine the computer on the other end is at all usable, because it's so busy trying to send spam.

  • Re:Wrong: China is Still # (Score:4, Interesting)

    by ScrewMaster ( 602015 ) on Saturday December 25, 2004 @04:05PM (#11181733)
    I can believe Comcast is still #1. That's my ISP and the number of spams I get (not to mention the number of worm propagation attempts) from Comcast addresses is remarkable. Of course, they do have a lot of IPs. I do know that, in my area at least, they've implemented a policy whereby if you send more than some {undefined} number of emails within some {undefined} interval, SMTP access is suspended automatically. I know because I had accidentally set my mail server to bounce unknown messages back to the sender. Since I receive over a thousand spams a day that made me a spammer, so far as Comcast was concerned. Okay, my bad ... but Comcast couldn't be bothered to let me know what was going on. Their assumption was that I was deliberately spamming: the fact that I might have been zombied didn't seem to occur to them. All I knew was that my SMTP access had been blocked, for no apparent reason, and their tech support had no idea what was going on. I finally found a person who had a clue, and he said it would take a couple of days for my access to return automatically.

    I hear all kinds of noise about how to deal with spam from the standpoint of broadband users running as unwitting spam relays. Everything from "make it the ISPs responsibility" to "require users to get training and get a license in order to get online". What is the real solution? I don't know, but anything that requires passing a Federal law will probably cause more harm than good. Doesn't mean they won't try to pass one, though.

    Personally, I liken people that run unprotected, unpatched machines as being "bad neighbors". You know the kind: the one that lets his dog run free and crap all over your yard. Yes, I realize that most of these zombied systems are in that situation because of the ignorance of their owners. But if that neighbor started building a garage extension on your side of the property line, you wouldn't let him off the hook because he couldn't read a survey.

    People don't really think of security as being a social issue as well as a personal one. I believe that most people want to be good neighbors, and would take steps if you reported their dog taking a dump on your property. But there are hundreds of thousands, if not millions, of zombies out there whose owners have no idea that their systems are crapping in everyone's back yard. Somehow, we need to close the loop on these people so they a. know that they've been taken over and b. give them easy, effective steps to take care of the problem. Tall order, I know. Comcast is heading in the right direction with their policy, but they need to let people know when they've been disabled, and why. Maybe they are now, I don't know.

Slashdot Top Deals

Genetics explains why you look like your father, and if you don't, why you should.

Close