As much as 80 percent of all spam now being sent is coming from home personal computers that have been hijacked, largely unwittingly, through Trojan horse programs embedded by worms and spyware, according to analysis by Canadian network equipment maker Sandvine, Inc..
"Worm attacks are growing in frequency because they provide a fast means of infecting a vast number of computers with spam Trojans in a very short period of time," according to a trend analysis report Sandvine produced earlier this month. "It's no surprise that many service providers report an upsurge in spam traffic immediately following a worm attack. Worms can credibly be seen as the delivery mechanism for unsolicited mass-market direct e-mail campaigns."
E-mail security firm MessageLabs said the global spam ratio as of the end of May is one out of every 1.3 e-mails, or 76 percent of the world's e-mail, and that spam may well have overtaken viruses as the biggest pain in the application now experienced by e-mail users.
MessageLabs agrees with Sandvine that a large enough majority of the world's spam is now generated by infected home computers, but MessageLabs puts the figure at closer to 66 percent.
"Email-borne viruses have plagued businesses for years, whereas spam has become the primary pain point only recently and now far surpasses the number of virus-infected e-mails," said MessageLabs chief technology officer Mark Sunner in a statement. "In spite of a convergence of attack techniques, the growth patterns remain different. Spam levels follow a constant upwards curve while viral threats remain steady.
"The exception is when volumes spike during major outbreaks such as MyDoom or virus wars break out between the authors," he continued. "The good news is that while these numbers show threats at high levels and increasing, they serve as great validators for IT departments that have solutions in place to proactively stop the threats before they ever reach their networks."
The culprits are deemed to include the United States's CAN-SPAM Act, which took effect in January and continues to draw fire for its weakness in putting any substantial dent in the spam volume. John Thompson, the chief executive of Symantec, which makes Norton Anti-Virus, calls CAN-SPAM "the stupidest piece of legislation ever passed, anywhere in the world."
Symantec product management director Chris Miller thinks Sandvine is a little bit unrealistic in its projection. He told TechNewsWorld.com that Trojan-conducted spam "is an increasingly serious problem, but it certainly doesn't contribute 80 percent of the spam out there." Miller believes 30 percent of spam at most is generated by infected home computers with the remainder coming from so-called spam houses, Internet service providers specializing in sending out bulk messages, TechNewsWorld.com said.
Most of the fire trained on CAN-SPAM involves its opt-out requirement. Critics of the law had insisted, well enough before the law was passed, that that would only continue the invitation for spammers to hit e-mail boxes even once – including e-mails that contained certain kinds of spyware and other hidden applications that could slip Trojans into systems that, in turn, could turn those systems or computers into unwitting spam conductors.
The problems are severe enough that Lavasoft's Ad-Aware, a free application that catches and eliminates data mining programs, adware, and tracking programs, has been downloaded over 45 million times since July 2003.
But one of CAN-SPAM's few provisions to receive positive reviews is the one banning spam through proxies. Spamhaus, the British-based anti-spam group which was among CAN-SPAM's loudest critics, thinks the law has a "good" effect on offshore spammers, though it hasn't yet weighed in on whether the law likewise might prove effective in stopping the worm writers slipping the spam-conducting Trojans into unwitting recipient computers.
Netscape has also announced new products aimed to help its Internet service customers block spam and pop-up ads and scan e-mail for viruses. Web Accelerator with Pop-Up Blocker can be used with the basic Netscape dialup service, the company said June 14, with this service costing an extra $5 per month and its new e-mail scan an additional dollar a month.
And don't think that the pestiferous spam is limited to drugs, money services, or scams, or adult materials, either. Reports surfaced June 14 that German-language spam attacking the presence of Turks and other foreigners in Germany began hitting e-mails around the world, which the Washington Post said is a new twist in the use of spam.
"It's thrown at everybody," said SANS Internet Storm Center chief technology officer Johannes Ullrich, "and I guess they hope to find enough Germans in their samples." The spam was said to have begun last Wednesday and hit e-mail users in the U.S., Finland, and the Netherlands, among other countries. Anti-spam maker MX Logic said there are about 25 variants of this racist spam known so far, based on its own spottings. And SpamCop told the Post they'd received about a thousand complaints about it.
Anti-Turkish messages may pose particular sensitivity in Germany – Turks are said to be the country's second-largest ethnic group, with roots in those who came to Germany to help the country rebuild after World War II. MX Logic said one of the racist e-mails purported to include a news item describing three German youths assaulted and beaten by Turk youths over a T-shirt whose message purportedly decried a Turkish food dish.
