Product spam, financial spam, frauds, scams, phishing, health spam, Internet spam, adult spam, political spam, you-name-it spam. Despite Bill Gates' brave promise in 2004 (“Two years from now, spam will be solved”) e-mail spam has significantly increased worldwide in the last two years in both volume and size, making over 70% of total e-mail traffic. According to the First MAAWG Global Spam Report from Q1 2006, around 80% of incoming e-mail was detected as abusive. A bit later in Q3 2006 various Internet service providers in the world have reported an alarming increase of unsolicited e-mail in a very short period due to the range of new spamming techniques involved. At the end of 2006 an estimated number of the world's total spam is around 85 billion messages per day (obviously this number is rather approximate) - and it is exponentially increasing. We all know how much it is going to cost (quick spam calculator).
Spammers have undoubtedly adapted and evolved: up to now they used a single IP setup for delivering their unwanted e-mail, usually hopping from one dialup to another. They have used open proxies, open mail relays and other similar easy-to-track sources. Unfortunately, it has changed - current spamming methods now include huge networks (called botnets) of zombie-computers used for distributed spam delivery and Denial of Service attacks. Various new viruses and worms are targeting user computers, making them eventually into huge spam clusters. Not only Microsoft Windows PCs are hacked, more and more Unix and Linux servers are affected too. And it is not for the fame and the glory, but to enable crackers to install and run scripts for the remote controlled spamming. In the meantime, nobody knows how many spambots are currently harvesting the Web in search of new e-mail addresses, their new victims. There is nothing sophisticated in their attacks, only brute force and numbers. Spammers earn a living by making and delivering spam and they do it darn well.
Reality check, 123
Due to the troublesome nature of the Internet today, the spammers and the script kiddies can easily put an anti-spam provider out of a job by simply DDoSing them to death (and doing a lot of collateral damage) - and exactly it happened to Blue Security with their successful but quite controversial Blue Frog service. A person known as PharmaMaster took their campaign as open war declaration and wiped them off from the face of the Internet within a single day. Lessons have been learned: the spammers are to be taken seriously and it seems they cannot be dealt by a single uniform blow nor with a single anti-spam provider.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.