Spam has always been around, irritating us, preventing valuable information from being accessed and intoxicating our inboxes. A report released by Symantec Labs shows that 89% of all emails are spam and the centres of operation are in Eastern Europe and Russia where control over such activities is very superficial. At the moment, Internet connectivity gains traction in the African continent as well, meaning a possible increase in cybercrime, especially spam in the near future.
Last year, a team of American and German researchers infiltrated into one of the biggest spam-producing networks in order to assess the ingression of spam into the cyberspace. The data reveals that The Pushdo/Cutwail “botnet” sent out 1.7 trillion e-mails over 15 months (about 113 billion per month), had 100,000 enslaved “bots” around the world and had about 30 command-and-control servers in Europe, North America and Russia.The earning of the botnet operators went between $1.7 million and $4.2 million since June 2009.
“Spam e-mails are the biggest money-makers,” said Joe Stewart, director of malware analysis at the firm SecureWorks. The majority of botnets – groups of hijacked computers programmed to automatically distribute spam – operate in Russia and Eastern Europe, keeping them relatively safe from discovery, said Stewart. As long as that’s the case, the spam campaigns will continue.
Spam has migrated to the social media world and according to Sophos, an internet security solution provider, a spam video on the Japanese tsunami is now circulating on Facebook.
Once a Facebook user clicks on the link to watch this “video”, they are re-directed to a spam site parading as Youtube: Foutube. Clicking on the “video” doesn’t actually reveal any whale-on-building action, instead a survey crops up which earns commission for the spammers. A “like” message is then sent out to the network of “friends” of any Facebook user who clicks into the spam attack, prompting a new group to fall into the same scam.
But even a simple action of opening a respectable browser like Google or Bing implies stumbling upon spam. Blekko, a web search engine that aims at offering superior search results to popular Google, Bing etc, has also reported having banned over 1.1 million spam-laden domains that support millions of pages from queries using the search engine’s technology AdSpam, a machine-learning algorithm that examines pages for spam signals.
Google took a stance with the introduction of a search results filter, through which users can customize their spam search results. One month ago the search giant changed its search algorithm in order to remove low-quality sites from its search results, also known as content farms. Bing is also committed to removing spam from its search results, but admits sometimes being behind spammers that perfection their tools and strategies.
“Bing actively detects drive-by download in our indexed pages and warns people when such results are shown as search results… [Also,] Bing actively detects scareware — where the user is tricked in to believing that he has download malicious software and is subsequently forced to either pay for fake anti-virus software or download actual malicious software — in indexed pages. Sites or pages that redirect to scareware, Bing actively blocks them from the search results.”
‘De-mail’ is what Germans have come up with in their battle against spam emails, by charging money for each sent email and/or by making senders authenticate their identity. The German government will carry out this measure by building a secure, parallel e-mail infrastructure linking electronic authentication with real-world identities.
Joined action is another good answer to spammers. Rustock, one of the world’s most prolific spam email networks, together with the 26 servers used to carry out malicious attacks, have been put down by a team of Internet service providers and software vendors.