Malicious Spam Jumps To 3B Messages Per Day
Trailrunner7 writes "Last year saw a monstrous increase in the volume of malicious spam, according to a new report (PDF). In the second half of 2009, the number of spam messages sent per day skyrocketed from 600 million to three billion, according to new research. For some time now, spam has been accounting for 90 or more percent of all email messages. But the volume of spam had been relatively steady in the last couple of years. Now, the emergence of several large-scale botnets, including Zeus and Koobface, has led to an enormous spike in the volume of spam."
Want to See Spam? (Score:3, Interesting)
I keep three email accounts. One I give out for things - registrations, contests, all that stuff. One I give out to friends and family. The third just quietly sits there empty. I check it periodically anyway and it makes me happy when no mail is found.
Re:Out of curiosity... (Score:5, Interesting)
Because one person sending a mailshot to a hundred or so people looks a lot like a botnet.
One person mailing their CV to 200 companies can look a lot like a botnet.
One teenage girl telling everyone about a party can look a lot like a spammer.
Sure, if the botnet isn't well written then it'll just blast spam out of every node 24/7, but the really good ones are going to try hard to evade detection.
Hell, if you've got enough compromised PCs and you're organised as modern botnet herders are then you can collect a lot of good data on how regular users send email and make sure the nodes of your botnet avoid going far outside the curve.
Re:Oh really? (Score:1, Interesting)
Considering the world soon has a population of 7 billion people, of which 1.7 billion people use the internet [internetworldstats.com] and usually people have several email addresses, it means it's still probably like 0.1-0.2 spam messages per day per person. Add filters to that, which catch most of the spam, and the 3 billion per day isn't actually that large a number.
Ya know (Score:2, Interesting)
Re:Want to See Spam? (Score:4, Interesting)
That's why it's best to use the middle way. Have your own domain and some way to quickly create a new address on it (even if they all go to the same mailbox). Always use a new address for different sites and purposes. That way if one of them starts to get problems with spam, you know who sold your address and can easily disable it.
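The per-site address scheme described in this comment, as an added example that is not part of the original post: each site gets its own address on a domain you control, and a disabled alias tells you which site leaked it. The keyed tag goes beyond the comment (it keeps made-up aliases from being accepted on a catch-all domain); `example.org`, the secret and all function names are assumptions.

```python
import hashlib
import hmac

DOMAIN = "example.org"            # assumed: a domain you control
SECRET = b"constructed-demo-key"  # assumed: private key known only to you
REVOKED = set()                   # site labels whose alias has been disabled


def _tag(site: str) -> str:
    """Short keyed tag so nobody else can mint valid aliases on the domain."""
    return hmac.new(SECRET, site.encode(), hashlib.sha256).hexdigest()[:8]


def make_alias(site: str) -> str:
    """Return the unique address to hand to one site (a shop, a forum, ...)."""
    site = site.strip().lower()
    ok = site.isascii() and all(c.isalnum() or c == "-" for c in site)
    if not site or not ok:
        raise ValueError("site label must be ASCII letters, digits or '-'")
    return f"{site}.{_tag(site)}@{DOMAIN}"


def classify(rcpt: str):
    """Map an incoming recipient address to (verdict, site label)."""
    local, _, domain = rcpt.strip().lower().rpartition("@")
    site, _, tag = local.rpartition(".")
    if domain != DOMAIN or not site:
        return ("reject", None)        # not one of our aliases at all
    if not hmac.compare_digest(tag.encode(), _tag(site).encode()):
        return ("reject", None)        # guessed or mangled alias
    if site in REVOKED:
        return ("revoked", site)       # this site leaked or sold the address
    return ("deliver", site)


def revoke(site: str) -> None:
    """Disable the alias that was given to one site."""
    REVOKED.add(site.strip().lower())
```

A `revoked` verdict carries the site label, so mail arriving on a disabled alias still tells you which registration the address came from.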
Re:Oh really? (Score:3, Interesting)
And I still see less than 1 per month in my Inbox.
_THIS_ is the price I am willing to pay to allow Google to filter my email.
I do agree that gmail's spam filter does not let much through, in truth, it is way too aggressive. Are you subscribed to mailing lists? Often it'll just tag some random message as spam. I've had various things end up in spam over the years, and really wonder how many landed in there that I never noticed (who checks their spam folder every couple of days?).
Recently I got very upset because I tried to sell something on craigslist, and sure enough, an offer ended up in spam. Of course I didn't check until a couple of days later, and by then the person wasn't interested any more. Since I'm going to start job hunting soon, I can't really afford the uncertainty the gmail spam filter introduces, and plan on moving my email elsewhere.
Seriously. (Score:5, Interesting)
SPAM was the absolute bane of my existence (I have several very public email addresses that have to remain that way) until the day I finally (at the time reluctantly) decided to run all of my mail through Gmail accounts, without exception. I had used block lists, several ISP-based filters, spamassassin post-POP3 on my own local net, and a bunch of filters, and it was eating hours a day of attending to SPAM (new filters, fixing filters, marking as spam, marking as ham) and so many CPU cycles that a dedicated box couldn't keep up. Not to mention that due to the processing overhead of all that filtering, when someone did send me a message and told me so, I'd have to tell them "I'll get it in ten to fifteen minutes." And all for a few (three, really) email queues that belong to one person and a couple assistants?
Now I forget that SPAM exists, and my email comes in more or less instantly.
For a decade now, Google has more or less singlehandedly kept the internet usable.
Re:Out of curiosity... (Score:3, Interesting)
Maybe in the year 1995. I'm pretty sure they can handle having a list of ISP's mail servers and use them now. Sending from a consumer line would be quite useless anyway because 99% of email services would directly block such emails.
It may be nearly useless. That doesn't mean that botnets aren't sending email direct-to-MX. These hosts have connected to our incoming MX's in just the last couple of minutes, and I'd say it's a small sample :) But, nearly all of these connections get pretty high scores from spamassassin, and users generally don't see the resulting spam.
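One way a receiving MX can flag the direct-to-MX connections described in the comment above, by scoring the reverse-DNS name of each connecting host. This is an added example, not part of the original comment and not SpamAssassin's own rules; the token list, the weights and the sample hostnames (documentation IP ranges, `.example` names) are constructed assumptions.

```python
import re

# Labels that commonly mark consumer or dynamically assigned address pools.
POOL_TOKENS = {"dsl", "adsl", "cable", "dyn", "dynamic", "dhcp", "pool",
               "ppp", "cpe", "res", "dialup", "nat", "client", "dclient"}

# Four 1-3 digit groups joined by '-' or '.', i.e. the IP baked into the name.
EMBEDDED_IP = re.compile(
    r"(?<!\d)(\d{1,3})[-.](\d{1,3})[-.](\d{1,3})[-.](\d{1,3})(?!\d)")


def score_rdns(hostname: str) -> int:
    """Heuristic score: higher means more likely an end-user line than an MTA."""
    if not hostname:
        return 3                       # no PTR record at all
    name = hostname.strip().lower().rstrip(".")
    score = 0
    m = EMBEDDED_IP.search(name)
    if m and all(int(g) <= 255 for g in m.groups()):
        score += 2                     # address embedded in the name
    if set(re.split(r"[^a-z]+", name)) & POOL_TOKENS:
        score += 2                     # pool-style label such as dsl or dyn
    if re.match(r"(mail|mx|smtp|mta|out)\d*[.-]", name):
        score -= 2                     # leftmost label looks like a mail host
    return score


def flag_direct_to_mx(connections, threshold=2):
    """Return the (ip, rdns) pairs whose PTR name looks like an end-user host."""
    return [(ip, rdns) for ip, rdns in connections
            if score_rdns(rdns) >= threshold]


# Constructed sample: RFC 5737 documentation addresses and .example names.
SAMPLE = [
    ("192.0.2.54", "192-0-2-54.dsl.dyn.isp.example"),
    ("198.51.100.7", "adsl-198-051-100-007.city.isp.example"),
    ("203.0.113.31", "cpe-203-113-31.res.cable.example"),
    ("203.0.113.80", "mx1.provider.example"),
    ("198.51.100.25", "smtp-out.university.example"),
    ("192.0.2.99", ""),
]
```

The score is meant as one input to a content filter rather than a verdict on its own, since legitimate small mail servers also sit on lines with pool-style names.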
Re:Out of curiosity... (Score:5, Interesting)
But it's my business to pay my ISP to funnel the bytes sent to me. If the bytes coming from your ISP are frequently evil, I'd fully support my ISP in blacklisting you, especially if it saves me money or increases my bandwidth.
So if your ISP decides to cut yours off unless they impose some sort of anti-bot policy, I'd be in favor. And I'm perfectly willing to have my ISP do the same to me if it's what's required to play nice with their neighbors.
If you want your ISP to be blind to your bits, and suffer the fact that they'll have to install more bandwidth and be potentially filtered (and lose customers for that, raising your prices further), be my guest. I'm willing to live with that minor invasion of privacy (cutting off obvious bots) in exchange for lower prices.
Re:Out of curiosity... (Score:3, Interesting)
That's because abuse@ and postmaster@ are the FIRST addresses to get spamblasted on every domain. They have been completely useless for ALL of this millennium.
Face it, the RFCs for most internet protocols were written decades ago for government and academia and were not based on a commercial-use network. FTP, Telnet, NNTP, SMTP, IRC are all obsolete junk and need to just go away like Gopher, Archie, Veronica, etc. There's too much invested in TCP to completely rewrite the way the underlying network operates, but the higher-level protocols need to be replaced by encrypted, authenticated systems that can use a central authority or ring-of-trust if authentication is mission-critical. Email should be the first to go. It's not enough to cover these junk systems with security add-ons & bandaids. They need to be completely rebuilt from scratch to include both public and restricted, private channels.
Of the 5 protocols listed above, SMTP is the only one I still run on my own servers. The others have been replaced with SCP, SSH, SSL HTTP gateways & forums, and various things like texting & twitter.