News
News
12/21/2006
04:11 PM
Connect Directly
RSS
E-Mail
50%
50%

Spam Volume Jumps 35% In November

The volume of spam surged in November to an average of 85 billion messages a day during two periods, IronPort says.

Spam volume soared another 35% in November, an e-mail security vendor said Thursday, and the month saw spam tactics that reduced the efficiency of traditional anti-spam filters.

"There's been a huge increase in spam volume," says David Mayer, a product manager at IronPort Systems, "from 31 billion spams a day on average in October 2005 to 63 billion in October 2006. But in November, we saw two surges that averaged 85 billion messages a day, one from Nov. 13 to 22, the other from Nov. 26 to 28.

"The October-to-November increase is higher than any other month we've measured," Mayer says.

Like other anti-spam vendors, IronPort puts the blame on a surge in botnet use, the increased use of image-based spam, and a rapid rise in the number of URLs registered by spammers. That combination, along with profit-driven innovation, has dramatically changed the spam landscape in 2006, said IronPort, which released its annual trend report earlier this week.

But other trends are at work, says Mayer, including spammers picking up hacker techniques and applying them to the junk mail business.

Spammers are using malware development tactics such as trying out new strains of spam in limited quantities to gauge how effective they are against filters, then sending out huge quantities only when they're sure a good number will slip through defenses.

"They're doing test runs to see what the returns are," says Mayer, "and to see how many messages bounce back from invalid addresses. Only then will they send out the [spam] blast."

Scammers have been able to turn up the spam volume because of the seemingly limitless number of systems vulnerable to hijack, using an individual bot for only hours to send out large quantities of spam, then discarding that PC to move on to another. The volume, along with the constant tweaking they give to their messages, means that at times traditional rule- or blacklist-based anti-spam defenses can be overwhelmed.

In mid-November, for instance, IronPort monitored a new, large-scale spam attack that dropped filter efficacy by more than 10 percentage points, letting millions of messages through to in-boxes.

"It's a reaction gap," says Mayer. "It takes time for vendors to respond and come up with appropriate rules, but with their distributed [botnet] networks, spammers can send a huge attack in a matter of hours. It takes time for anti-spam solutions to catch up with the attack."

IronPort's appliances, Mayer added, can close that gap: the company can update rules as often as 12 times an hour, and if necessary -- because of a completely unknown form of spam, for example -- update the core scanning engine remotely as well. "Anti-spam needs to be very responsive," he says.

Even though December spam volumes have stayed at November's numbers, Mayer expects that 2007 will be a tough one for anti-spam vendors and end users alike. "There's a realistic probability that volumes will increase," Mayer says. "It's a game of economics; there's a lot of money to be made and [thus] a lot of innovation on their part.

"It's going to be a long battle."

IronPort's "2007 Internet Security Trends Report" can be downloaded as a PDF file from the company's Web site.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government Oct. 20, 2014
Energy and weather agencies are busting long-held barriers to analyzing big data. Can the feds now get other government agencies into the movement?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.