Spam: Born In The USA - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Spam: Born In The USA

An analysis by messaging-filtering vendor CipherTrust says the large majority of the world's spam comes from a few spammers within the United States.

A survey released Thursday said that nearly all the world's spam is spewed by a limited number of hard-core spammers within the United States.

Based on analysis of the spam it blocked for its 1,000-plus clients during May, June, and July, message filtering firm CipherTrust said that 86% of all spam originated in the United States.

Although U.S.-based IP addresses accounted for only 28% of the total addresses used to spam--tying South Korea for the top spot--spammers overwhelmingly favor U.S. domains. Messages from Korean IP addresses, in comparison, accounted for just 3% of all spam. Similarly, China and Hong Kong, where about 23% of all spamming IP addresses reside, account for just 2.6% of all spam.

"That was quite a surprise," said Dmitri Alperovitch, a research engineer at CipherTrust. "The percentage of spamming IP addresses within the U.S. is in line with other surveys, but in the actual number of messages, the U.S. is responsible for the vast bulk of spam."

CipherTrust's numbers run counter to those in other surveys, which claim that a much larger percentage of spam comes from outside U.S. borders. Commtouch, for example, recently estimated that the U.S. accounted for only 56% of the world's spam.

Alperovitch defended his company's data by pointing out that other studies rely on spam-gathering honey pots, while CipherTrust tallies only those actual messages it intercepts. "Those two approaches are quite different," he said, "because some spammers are actually targeting specific companies with messages that the honey pots wouldn't see."

CipherTrust's numbers also bolstered the long-held theory that a few kingpin spammers are responsible for most of the spam. "The bulk of U.S. spam is coming from a very limited set of IPs with high-bandwidth connections," said Alperovitch, who estimated that the high-volume spamming addresses number fewer than 10,000 and the number of spammers at less than 200.

The United States is the origin of choice for spammers, said Alperovitch, because of the plentiful supply of cheap high-speed bandwidth. "Spammers need big pipes, and they don't want to pay much for it," he said.

That explains the low percentage of spam messages originating from overseas' IP addresses. The lack of cheap bandwidth outside the United States is stymieing spammers' attempts to scale up the volume of their mailings to U.S. sizes. In fact, the majority of spam that does come from countries other than the United States originates with zombies--hijacked computers typically with high-speed, high-volume access to the Web, giving spammers a free ride, bandwidth-wise.

Zombies are less of a problem in the United States, said Alperovitch, because of the inexpensive access spammers can buy here, as well as some recent efforts by major Internet providers to clamp down on zombies.

Cable provider Comcast, for instance, launched an effort in May to block its members' cable-connected machines from being used by spammers; it claimed a one-third reduction in spam coming out of its network. "We also saw a significant drop-off in spam from Comcast after May," said Alperovitch, who added that the decrease was in the 30% range.

Although the United States has anti-spam laws in place at both the states and federal levels--the latter through the Can-Spam Act that went into effect in January--critics have said that fighting spam locally doesn't do any good when the problem's global.

CipherTrust's numbers may mean it's possible to put at least a partial lid on spam through laws and enforcement solely within the United States. "Enforcement of Can-Spam could go a very long way toward reducing spam," Alperovitch said.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2019 State of DevOps
2019 State of DevOps
DevOps is needed in today's business environment, where improved application security is essential and users demand more applications, services, and features fast. We sought to see where DevOps adoption and deployment stand, this report summarizes our survey findings. Find out what the survey revealed today.
How to Land a Job in Cloud Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/19/2019
How to Convince Wary Customers to Share Personal Information
John Edwards, Technology Journalist & Author,  6/17/2019
The Art and Science of Robot Wrangling in the AI Era
Guest Commentary, Guest Commentary,  6/11/2019
Register for InformationWeek Newsletters
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll