- Related Stories
-
Black Frog leaps into fight against spam
May 24, 2006 -
Antispam advocate succumbs to spammer
May 17, 2006 -
Blue Security attack linked to blog crashes
May 4, 2006 -
Antispam list gets spammed
May 3, 2006 -
Cyberattack knocks millions of blogs offline
May 3, 2006
In research conducted in May, the e-mail security company found that 64 percent of machines sending out junk mail were in that country. Next was the United States with 23 percent and third China, with 3 percent.
CipherTrust also determined that unwanted e-mail traffic went up as much as 20 percent worldwide in May. The data was gathered using CipherTrust's network of fake "zombie" computers, among other sources, the company said. Spammers typically use networks of zombies, or compromised PCs used without their owners' knowledge, to send out their junk messages.
The company attributed the spam rise to two factors: the demise of antispam efforts by Blue Security, and growing use by spammers of image-only e-mails to defeat filters.
After a distributed denial-of-service attack at its service provider, Six Apart, Blue Security announced it would cease its antispam activities. The Israeli company ran an effort called Blue Frog, which enlisted people to send replies to unwanted e-mails, resulting in a barrage of messages to spam servers.
"They (Blue Security) had hundreds of thousands of clients," Dmitri Alperovitch, a CipherTrust research engineer, said Friday.
As for image-based spam, it's now one of the most popular ways for spammers to combat filters, he added. Text is placed into a message as an image. This allows them to fool some systems that use textual recognition to parse the words of a message to identify e-mails as spam.
Using images, spammers can also more easily alter the print, background color and other identifying factors used by message analysis tools, Alperovitch said.
"It's hard to identify as spam, unless you are using optical-recognition technology, trying to identify characters within an image to recognize as text," he said.
But optical-recognition technology is typically not appropriate for use in antispam systems because it's fairly slow and not extremely accurate, he said.
Alperovitch also said CipherTrust saw 7.4 million new zombies in May. About 24 percent of them are located in China, 9.4 percent in the U.S. and 7.5 percent in Germany. However, Alperovitch noted, there are only thousands of spam servers.
"There are about 5,000 servers who are actually sending the spam to the zombies. Most people would not even see the spam server. Their interaction is only ever with the zombies out there," he said.
See more CNET content tagged:
CipherTrust Inc.,
Taiwan,
zombie,
spam,
spammer
each email message. The cost would be so low -- perhaps a
penny a message -- that it would be a very slight charge to
individuals, but that is enough to clobber slammers. Legit
businesses could negotiate their own deals. This SHOULD NOT
be administered by governments or it will serve simply as a tax.
It is likely to be a money saver as the need for mail filters will
lessen.
Some business, or cooperative effort, needs to be established to
implement this, perhaps one that can be offered to individuals
and businesses who volunteer to participate.
Sign me up!
It comes from bots uniformly distributed worldwide.
The bots are *everywhere*. The bots are controlled through other bots, proxies. You can't trace it that way.
All of it except the stock pumping spam wants you
to go to the spammer's Web site or send mail to
the con artist's (more often than not *Yahoo*) email address.
If the public knew how little Yahoo is doing compared to what it *could* be doing,
Yahoo would be forced to clean up. And they
*could* do it. Mail.com (Outblaze) is bigger
than Yahoo Mail and they *don't* have a fraud
spammer infestation. All it would take would
be a journalist with a backbone to blow the whistle on Yahoo Inc's role in the Nigerian fraud industry.
Most of the spammer Web sites I traced today were
on one little segment of China Netcom. The
spammer is secure there because he knows cnc-noc.net won't do anything. And CNC won't do anything because the companies that connect it to the US, AT&T, Savvis, and Verizon, won't enforcetheir contract language that says China Netcom has to do something about criminal use.
Why won't Verizon and Savvis and AT&T do something?
Because journalists are a bunch of lapdogs.
They don't dare report the story where a big
famous consumer brand corporation is the bad guy.
AT&T knows nobody will ever blow the whistle
on their knowing collaboration with the criminals
who are destroying the public email system.
Verizon and Savvis know it. The journalists know it. Only John Q. Public is in the dark about where spam comes from and who could stop it and why they don't.
It's easier to write some junk about some company nobody ever heard of that's only peripherally involved in the fight, and stay out of the real culprits' way. And get ready to write the story about how the email system died. Just don't name any names.