The dirty dozen spam-relaying countries revealed

Filed Under: Malware, Spam

Dirty keyboardThere's a zombie invasion going on - and it could have infiltrated your business, your home office, or even the corner of your bedroom.

Of course, it's not the kind of zombies beloved by the movie theatres but instead the problem of compromised computers being controlled by a remote hacker.

Many members of the public still haven't understood that spammers don't use their own PCs to send spam - instead they create botnets of commandeered computers around the globe (also known as "zombies"), which can be used to relay spam, send out malicious links and even launch distributed denial-of-service attacks.

If they did understand the problem, maybe they would put more effort into protecting their computers.

Spam dashboard

Sophos has today published a new report, revealing the top twelve spam-relaying countries around the world. We call the list the "dirty dozen", and because virtually all spam is sent from compromised PCs, it's a pretty good indication of where the botnets have got the tightest hold.

The top twelve spam relaying countries for January - March 2011

1. USA 13.7%
2. India 7.1%
3. Russia 6.6%
4. Brazil 6.4%
5. S Korea 3.8%
6. United Kingdom 3.2%
7= Italy 3.1%
7= France 3.1%
9. Spain 2.8%
10. Germany 2.6%
11. Romania 2.5%
12. Poland 2.3%
Other 42.8%

Although the USA and UK contribution to the global spam problem has decreased in percentage terms, it is essential for organizations not to become complacent. Financially-motivated criminals are controlling compromised zombie computers to not just launch spam campaigns, but also to steal identity and bank account information.

Computer users must be educated about the dangers of clicking on links or attachments in spam mails - and many computers may already be under the control of cybercriminals. Businesses and computer users must take a more proactive approach to spam filtering and IT security in order to avoid adding to this global problem."

Dirty monitorIn all, we counted spam being sent from an astonishing 229 countries around the world during the first quarter of 2011. So everyone, no matter where they live, should be taking more care of their personal computer’s protection.

For as long as spam continues to make money for the spammers, it will continue to be a global problem. Too many computer users are risking a malware infection that sees their computer recruited into a spam botnet. To combat the spammers, it's not only essential for computer users to run up-to-date security software, they must also resist the urge to purchase products advertised by spam.

So, don't add to the statistics, do your bit in the fight against spam and don't allow your computer to become a zombie.

Keeping your security patches up-to-date, your anti-virus defences in place and having a good helping of common sense can help avoid your computer from being recruited by the bad guys.

, , ,

You might like

5 Responses to The dirty dozen spam-relaying countries revealed

  1. G Newton · 1616 days ago

    One important piece of information which is missing, what proportion of global computers does each country have.
    The uk's 3.2% of world spam could actually be worse than the American 13.7% if this were taken into account, I actually don't know but would like to know. Statistics can mislead!

  2. p1n5p4n7h3r · 1616 days ago

    The stats are interesting, but blaming the end user for being vicitimized by criminals is hardly a productive approach to solving the problem long-term.

    What needs to happen is an organized campaign to reduce criminal activity in this area. That will be hard. It will require international cooperation. But until and unless that happens, the internet will continue to degrade into nothing more than a cesspool of fraud.

    Governments have proven that, given sufficient will, they can work together to make serious inroads against organized crime. So why are they dragging their feet on internet crime which has already cost individuals, organizations, and governments trillions of dollars?

  3. Greemble · 1616 days ago

    Blaming the end user for not bothering to maintain their own machines is the main approach that might go some way to solving the problem.

    Governments could theoretically do much to clear up the mess. However, the problems are near enough impossible to overcome. 229 countries all working together, using the same approach and methods is not going to happen - There are many differing laws & regulations that would need aligning to allow the actions just to start.
    Then there is what they will actually do...
    Remote cleaning of the end users private computer system?
    Maybe an e-mail sent to the owner/user of the machine in all detected occurrences with instruction on how to rid their system of the bot?
    Perhaps they could send a government official to the address of the owner & take the equipment away, clean it up, then return it (after a thorough examination of the hard drives...)?

    Governments to take action? - No thanks

  4. Andrew Barfoot · 1564 days ago

    Quote "In all, we counted spam being sent from an astonishing 229 countries around the world during the first quarter of 2011..."

    Seems the official count is around 195-200! Where did the other 29+ come from?

    • Paul Ducklin · 1564 days ago

      Country-code top level domains exceed the number of countries. They were issued not only to sovereign independent states but also to any overseas dependent territories. (This neatly avoids thorny diplomatic questions about just how independent various overseas territories are.)

      For example, there are five top level domains associated with Australia - AU, as you might expect, but also CC, CX, NF and HM. The latter is an uninhabited (other than by researchers) island territory half way to Antarctica. it's considered a "country" for internet purposes.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley