Report reveals the dirty dozen top spam-relaying countries

Filed Under: Botnet, Malware, Spam

Dirty monitor
A new report by Sophos has revealed the top twelve spam-relaying countries - and, once again, it's bad news for the United States.

Many members of the public still don't understand the vital role that they can play in fighting spam - preventing their home PC from becoming infected.

What many people haven't learnt is that the spammers don't use their own computers to send spam - instead they create botnets of compromised PCs around the world (also known as "zombies"), which they can remotely command to spew out unwanted marketing messages, malicious links and even launch distributed denial-of-service attacks.

SophosLabs has just published its latest report into the top countries relaying spam around the world.

The top twelve spam relaying countries for October - December 2010

1. USA 18.83%
2. India 6.88%
3. Brazil 5.04%
4. Russia 4.64%
5. UK 4.54%
6. France 3.45%
7. Italy 3.17%
8. S Korea 3.01%
9. Germany 2.99%
10. Vietnam 2.79%
11. Romania 2.25%
12. Spain 2.24%
Other 40.17%

In all, we counted spam being sent from an astonishing 232 countries around the world during the last quarter of 2010. So everyone, no matter where they are on the planet, should be taking more care of their personal computer’s protection.

Spam takes a dip?
One aspect of the spam problem which has caught the attention of security reporters in the last few weeks is what appears to have been a drop in spam levels since Christmas.

It appears that some of the botnets used to send a lot of the spam (Rustock is the most notable one) may have stopped pumping out unwanted messages in the last few weeks. That doesn't mean that computer users have cleaned-up their home computers, but rather that the bad guys are now using the botnet for other activities. For instance, installing revenue-generating pop-up adverts or identity theft from unsuspecting home users.

Maybe the cybercriminals wanted to see if they could make a better return that way.

Whatever the reason, the dip appears to have been short-lived, as yesterday the amount of spam appearing in the SophosLabs feeds has spiked back up again.

Spam Christmas drop

Don't add to the statistics, do your bit in the fight against spam and don't allow your computer to become a zombie. Keeping your security patches up-to-date, your anti-virus defences in place and having a good helping of common sense can help avoid your computer from becoming infected, and silently turned into a spam-relay machine for the bad guys.

, , , ,

You might like

5 Responses to Report reveals the dirty dozen top spam-relaying countries

  1. Martijn Grooten · 1733 days ago

    Thought I'd mention that we discovered last month -- by sending lots of spam through many filters in parallel -- that spam relayed through the US tends to be more easy to filter: it was significantly more likely to be blocked by all or all but one participating filter. Spam relayed from China, India and South Korea, on the other hand, tends to be harder to filter.

    More details here (subscriber-only I'm afraid)

  2. Looks like the SPAMMER GUY took holidays from the 24th and came back to work on the 8th... he probably took a short holiday at some summer holiday resort in the greek islands, enjoyed his time off - relaxed.. and like everyone else, turns up on the 8th - turned on his pc at work and started up the spam factory bots again :P

  3. Carol875 · 1733 days ago

    Could you put labels on the y-axis of that chart? Without knowing the numbers, all I can tell is that spam went down and then back up again. Do the numbers start at 0 or a large number?

    • SophosLabs · 1732 days ago

      The bottom line of the graph is at 0. The absolute numbers won't say much, since they don't attempt to estimate the global spam amount, but just reflect the number of spam messages received on our spamtraps per day, which is many millions. The important part here is the shape of the chart, which shows the trend and the relative increase.

      • Carol875 · 1728 days ago

        Recommend you read "How to Lie With Statistics" by Darryl Huff. People should question ANY chart that's not fully labeled. The intent of the author may be honest, but I've seen far too many unlabeled charts that misrepresent the data to be willing to trust any of them.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley