Global Spam Drops by a Third

There has reported a one third decrease in global spam volumes, according to the latest MessageLabs Intelligence monthly report.

Illustration: Lou Beach
MessageLabs concludes that the decrease comes after the dismantling of Rustock, one of the most stubborn and technically sophisticated botnets on the malware landscape.

The firm said, however, that web-based malware is still on the increase in Hong Kong and mainland China.

Spamming is a challenging issue for netizens and last year Rustock was responsible for as much as 47.5 per cent of all spam. EBA claims that in 2010, Rustock sent about 44.1 billion spam emails each day.

But this decrease does not mean increase in web security as according to Harry Pun, Client Services manager, North Asia for Symantec.cloud, He says other botnets have stepped up their activities to take advantage of the gap in the market created by the Rustock takedown.

"Since the end of 2010, the Bagle botnet has been more active, sending approximately 8.31 billion spam emails each day, the majority of which linked to pharmaceutical products," said Pun. "While Bagle may not have as many bots under its control or have spikes of traffic as large and dominating as Rustock, its output has been more consistent. In the wake of Rustock's demise, Bagle has already taken over from Rustock as the most active spam-sending botnet in 2011."

Blocked Activities

The World Wide Web is not a safe place but emails are getting safer, says MessageLabs Intelligence, which also notes a March, 2011 report, indicating that an average of 2,973 web sites each day harbor malware and other unwanted programs, including spyware and adware.

About 37 per cent of all malicious domains blocked were new in March. Also, 24.5 per cent of all web-based malware blocked was new in this month.

The advertisements and popups category accounted for 47.5 per cent of blocked web activity for businesses and social networking accounted for 14 per cent of URL-based filtering activity blocked in March.

"Many organizations allow access to social networking web sites, but facilitate access logging so that usage patterns can be tracked and in some cases implement policies to only permit access at certain times of the day and block access at all other times," Pun added.

"This information is often used to address performance management issues, perhaps in the event of lost productivity due to social networking abuse."

Subscribe to the Security Watch Newsletter

Comments