The Symantec Messaging and Web Security team started off 2007 with the release of a new monthly report geared towards the media. This report, entitled The State of Spam: A Monthly Report was released last week, covers December 2006, and can be found here.
Do you want to know what the top spam type for last month was? Or how about what new techniques spammers are currently using? Did you see some unusual spam in your Inbox? Check out our report and see if it's a new trend. People interested in what’s going on in the ever-changing world of spam will want to get their hands on a copy of this report for the metrics, latest trends, new spam examples, and data points of interest.
Have you noticed more spam? You're not going crazy. Symantec AntiSpam tracking has shown an increase in spam by over 15 percent from the month of October to mid-December. In early October, spam accounted for 56 percent of all email messages, and by December the percentage of spam peaked at 80 percent. This is a huge increase. If you are an email user, please ensure you are fully protected from spam and the nasty stuff that can come delivered via spam such as viruses, fraud, and spyware. Everyone with an email address can be protected by installing antispam and antivirus protection. If you are using a free email service, check to make sure they have measures in place to protect you.
I think an interesting data point is the originating country for spam messages and email messages in general. At just under 60 percent, the majority of email in the world originates in North America. Of this, around 45 percent is spam. Yes, you read that correctly. That statistic surprised me, too. But, North America is not alone in this measurement. If you take a look at other countries, you will see that spam constitutes the majority of their email messages. This high percentage of spam vs. legitimate messages is in line with our previous data that shows around 80 percent of the world’s email traffic is spam. Think of all the email messages you send and then imagine that those (hopefully) are contained within the percentage of legitimate email in the entire email-using universe. When looked at from this perspective, the sheer volume of spam is mind boggling. Thank you antispam filters that prevent the 80 percent of spam from dropping into my Inbox!
For the past while, image spam has been a hot topic issue in the industry. The volume of spam messages seen utilizing this technique varied from 20-35 percent between October and December of last year. A new technique within the image spam type was the use of the CAPTCHA (“completely automated public Turing test to tell computers and humans apart”) approach. Spammers are experimenting with this in an attempt to evade antispam technologies that rely on OCR technology. Basically this technique utilizes what a lot of Web sites use to make the distinction between whether a user is human or not. This technology generates randomized and distorted text to prevent automated programs from recognizing it. Samples of the CAPTCHA technique can be found in the The State of Spam: A Monthly Report described above.
The newest trend noticed was the attempt by spammers to piggyback onto legitimate email newsletters and e-zines. A previous blog in this category was created on December 21, 2006, entitled Tricky New Spam Tactic. In this latest trend, the spammer takes a legitimate newsletter or e-zine and adds their spam ad to it. At first glance you think it’s legitimate, even the headers looks right. It’s not until you open it that you see that it isn’t what you wanted, but in fact it’s spam. Possible motivations behind this approach are leveraging name recognition of a known legitimate company. A user is more likely to open emails from a known entity, one they recognize and trust. Spammers may also be banking on a higher false positive rate that may make some antispam solutions hesitate to create filters for fear of blocking the legitimate newsletter. Read more about this technique in the blog referenced, as well as the new monthly report.
The State of Spam: A Monthly Report contains the nitty-gritty and up-to-date info on what’s happening in the spam world. I’ve captured some of the highlights above, but for anyone interested in the state of spam, this report is good source of information.