The year 2000—or Y2K—was a year in which we witnessed the Summer Olympics in Sydney, Australia, a United States presidential election decided by the the Supreme Court, and the burst of the dot-com bubble. 2000 was also the year that spam accounted for less than eight percent of all email, whereas today spam represents an average of nearly 90 percent of all email messages, with the majority of the jump in spam volumes surging in the latter part of the decade. This explosion not only affected the volume of messages received, but also increased the negative impact to organizations. While the true cost of spam is difficult to measure, some estimates put the cost at $130 billion worldwide, of which $42 billion is in the United States alone.
In reviewing the past decade, a few notable spam related events stand out:
• In 2004, Bill Gates predicted that spam would be eradicated within two years.
• More than 40 trillion spam messages were sent in 2009.
• Since 2006, spam levels have steadily climbed from 56 percent of all email to an all-time high of 95 percent at the end of May 2009.
• Spammers proved to be more evasive and sophisticated than ever in the past decade as we saw the complexity of spam techniques increase:
• Spam with attached images reached a maximum of 52% of all spam in January 2007;
• PDF spam accounted for nearly 20% of all spam in August 2007;
• Dotted quad spam accounted for 15% of all spam in August 2007;
• As reported in the December 2009 State of Spam report;
• Financial spam accounted for 16%
• Internet spam accounted for 35%
• 419 spam accounted for 9%
• Social networking sites, malware-infected spam, current event related spam, and celebrities have all become prime targets for spammers as they endeavor to create a vehicle to try and enter a user’s inbox. For example, in 2009, Michael Jackson’s death captivated the imagination of some spammers and at its height, Michael Jackson spam easily exceeded President Obama-related spam and accounted for approximately two percent of all spam messages sent.
• The top regions of origin for spam shifted from North America and EMEA towards APJ and South America—in November 2009 APJ accounted for 26 percent while South America accounted for 25 percent. This shift corresponds with an explosion in broadband connections in these regions as their internet infrastructure develops.
• Those on the antispam front have increased their efforts to crack down on spam. Antispam ven¬dors continue to deploy the latest antispam detection technologies. In addition, during the last decade there was the FBI’s Bot Roast program, the SEC’s Operation Spamalot, the McColo ISP shutdown, the FTC's efforts to shut down Internet service provider Pricewert LLC and rogue Internet service provider 3FN Service. ISPs have also demonstrated that they are more willing to share information to thwart certain botnets.
2010 and Beyond: The New Spam Frontier
The economics behind spam dictate that 2010 will be another active year for spammers. The distribution of spam email is set to continue as long as distribution channels remain relatively cheap, botnets continue to be active and shift locations, and spammers develop new and innovative ways to attempt to bypass antispam filtering.
Specifically:
• Distribution networks are becoming more dynamic as additional broadband connected targets are coming online every day. Distribution paths are also becoming more complicated, with spammers now sending messages directly from infected machines, routing through compromised relays, and continuing to use Web mail/SMTP Auth abuse.
• Botnets are also set to continue jockeying for position—botnets that were previously dominant are being undermined by the actions of new more sophisticated botnets. The number of botnets is set to grow as hackers target developing IT infrastructures in certain regions.
• In an attempt to evade antispam filters through obfuscation and hijacking the reputation of legitimate websites, spammers are set to continue using tactics such as URL shortening and using free Web hosting servers—therefore damaging the reputation of some services until they go out of business.
• Spammers are set to continue the progress of blending—a process during which they utilize spam to tempt an end user into buying a product or service—as well as more mischievous and even dangerous practices such as phishing, where a spammer tries to steal a user’s identity and computer resources to obtain money or add to the strength of bot networks by compromising computers.
As spammers continue to become more sophisticated and their attacks more targeted, it is imperative that organizations and consumers alike have the latest technology deployed to minimize the effect of spam and avoid the problems associated with false positives and missed spam altogether. While many vendors offer technology to combat the spam problem, it’s a proven fact that those vendors with the greatest visibility into spam trends and other Web related threats have the most effective defenses and techniques to win the ongoing cyber war. Symantec’s antispam and antiphishing solutions are backed by the Symantec Global Intelligence Network, which encompasses some of the most extensive sources of Internet threat data in the world to offer comprehensive and up-to-date protection against the latest threats, and provides real-time updates to Symantec products at customer sites.