Spammers Recover from McColo Shutdown – Spam Back To 91%

You might remember back in November last year Spam ISP McColo was Cut Off From the Internet and there was a fairly drastic drop in spam e-mail traffic.

Well it looks like the spammers have got their acts back together as spam levels are back up to 91% of their previous volume.

Having McColo shut down was nice, but honestly did anyone think it was going to have a serious long term effect on spam? I didn’t…the spammers are going to find another ISP they can use, even if it’s in another country.

Junk e-mail now back to 91% of its usual levels, says Symantec.

The days of blissfully empty in-boxes are long gone – get ready for another onslaught of spam. Symantec’s monthly State of Spam report, out today, shows that levels of spam are approaching the dizzy heights they reached last year, before the sudden shutdown of rogue hosting company McColo.

It estimates that spam now comprises about 85 per cent of all email traffic, thanks to old bot-nets being brought back online and new ones created.

So if you’re a sys-admin and you’ve been enjoying the break from super high volumes of spam – be prepared for it to start pouring back in again.

It seems like South America is seeing a rise in spam activites too, perhaps due to the spread of Internet connectivity and broadband rollout.

You often see the numbers of compromised machines in a country or region is extremely high when they first get connected (remember when Korea came online?).

The EMEA (Europe, the Middle East and Africa) region continues to be the leading source of all zombie IP addresses, hosting 45 per cent of active zombie computers in March 2009 – although Brazil has seen a surge in compromised computers. It now has 14 per cent of all the world’s zombie machines.

Despite these figures, the US continues to be the main source of spam messages (accounting for a full quarter of all spam sent) – the UK has the dubious honour of rounding out the top ten, with a 2 per cent share.

Symantec has also noticed a change in spam subject matter, from get-rich-quick schemes to the sad business of avoiding having your home repossessed.

One ray of spring sunshine – video spam has not taken off as some experts feared. The most common size of spam email (75 per cent of all sent) is a featherweight 2 to 5 KB.

Seems like even the nature of spam is changing to accommodate the recession, these spammers really capitalise on whatever is going on in the World.

I guess that’s why it works and why they still keep spamming, basic social engineering and greed work very well together.

Thankfully no video spam though, imagine if you’re on mobile data…and you start receiving 1-3mb spams!

Source: Techradar (Thanks Navin)

Posted in: Malware, Phishing, Spammers & Scammers

, , , , , ,

Latest Posts:

BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.
SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads

2 Responses to Spammers Recover from McColo Shutdown – Spam Back To 91%

  1. Navin April 23, 2009 at 12:16 pm #

    cheers!! :)

  2. T2t April 25, 2009 at 6:52 am #

    Well the break was nice…