The “Dirty Dozen” SPAMPIONSHIP – who’s got the biggest zombie problem?

Imagine that a cybercriminal could tell your computer what to do, whenever he wanted, from the other side of the world.

Any program you could download or run, so could he.

Any website you could visit, advert you could click, form you could fill in, or comment you could post, so could he.

Any file you could open, document you could edit, or company spreadsheet you could view, so could he.

Any social networking account you could log into, so could he.

Any ransomware you might install by mistake and thus wipe out all your data, he could install on purpose.

That’s exactly the sort of power you give away to crooks if you let your computer get infected by a bot, also known as a zombie.

→ The word “bot” is short for “robot,” because your computer turns into a remote-controlled cybercrime robot. The word “zombie” means that a crook can bring it to life without you realising, and tell it to do pretty much whatever he wants, almost certainly something illegal.

But the activity for which zombies are probably best known is sending spam.

As SophosLabs in Hungary measured recently, a typical computer on a typical internet connection can easily send more than 5,000,000 spams each week, illegally promoting an ever-changing cocktail of shady products and services, and pumping out malware in attachments.

What this means is that if we map out where spam comes from, we are mapping out the zombies at the same time.

Indeed, once a quarter, we do just that, and we jocularly call it the SPAMPIONSHIP.

So here are the results for Q3 (July, August, September) of 2014:

Click on the image for a hi-res version

Why should you care?

Well, if you’re high on the spam-sending charts, that means you’re also high on the letting-cybercrooks-do-whatever-they-want charts.

That’s bad for everyone else, because they’re receiving waves of spam emanating from you; it’s also bad for you, because your personal information, your finances, and even your identity are at risk.

Let’s be very clear: we aren’t documenting which countries harbour the most spammers, or have the most cybercriminals.

That’s the biggest problem with spam: most of the people who actually transmit the individual emails in a spam campaign aren’t crooks themselves.

They’re unwitting participants acting on behalf of an unknown crook who is probably in a different country altogether.

Of course, measuring spam entirely by volume-per-country is a little unfair, because countries that are very populous, like China, or very well-connected, like the USA, inevitably bubble up to the top of the list.

Indeed, the Dirty Dozen for this quarter consists of exactly the same list of countries as in Q2 (April, May, June) of 2014.

As you can see, the finishing order was given a light shuffle, but that’s all.

Things get fairer – and more interesting – when we divide each country’s spam volume by its approximate population:

Click on the image for a hi-res version

Now we have a measure of spam per person.

Of course, you need to take this table with a pinch of salt, because the SPAMPIONSHIP is the league that everyone wants to lose.

Nevertheless, if we were to pick a country that won-by-losing this quarter, we’d have to single out Belarus, which continues its slide down the chart.

After a year in the #1 spot from Q2 2013 to Q1 2014, Belarus dropped last quarter into second place, and this quarter into ninth place

Belarus is now behind six countries that were also in the Top Twelve last time, suggesting that it has managed an absolute reduction in its own spamming, rather than merely benefitted from an increase by the others.

Overall, however, the SPAMPIONSHIP is a clear reminder of two things:

1. Spam is a global problem.
2. Spam prevention begins at home.

So, don’t be part of the problem.

Be part of the solution, and Kill a Zombie today!

In fact, it’s Cybersecurity Awareness Month.

So why not head out to visit any friends and family for whom you’re the unofficial IT support team, and seek out zombies on their computers, too?