Ranked second, China has managed to decrease the amount of spam it relays by nearly seven percent since last quarter. Experts suggest that United State's dramatic lead ahead of the bulk of the list is due to the emergence of more than 300 Stratio worm strains. The mass-spammed worm, also known as Stration or Warezov, is dependent on the victim speaking English as it attempts to convert innocent PCs into members of a spam botnet.
The top twelve spam relaying countries July to September 2006 are as follows:
| United States | 21.6% |
| China (inc. Hong Kong) | 13.4% |
| France | 6.3% |
| South Korea | 6.3% |
| Spain | 5.8% |
| Poland | 4.8% |
| Brazil | 4.7% |
| Italy | 4.3% |
| Germany | 3.0% |
| Taiwan | 2.0% |
| Israel | 1.8% |
| Japan | 1.7% |
| Others | 24.3% |
"Most hackers attack through unsolicited email, sent through a zombie PC, which is a set of computers that become spam-spewing bots when infected with Trojans, worms and viruses. In the past, hackers had relied on vulnerabilities in the operating system to convert clean machines into Zombies, however, recently we have witnessed the resurgence of malware in this process. Hackers are using it to trick users into running malicious code and opening the backdoor of the network to vulnerabilities," said Ron O'Brien, senior security analyst at Sophos. "The steady increase in the volume of spam seen traveling across the net is directly related to the enormous rise in Stratio worm strains in recent months."
Sophos's research indicates that the UK has dropped out of this quarter's dirty dozen list, taking 13th position, while Israel has entered for the first time at number 11.
Despite the United State's lead in the country rankings, Asia continues to be the largest source of relayed spam even though its production level dropped by 6.1% since Q2 2006. Europe, currently in second position, is closing the gap by increasing its share of spam production by 4.8% in the last quarter.
| Asia | 34.1% |
| Europe | 31.9% |
| North America | 24.2% |
| South America | 8.3% |
| Africa | 1.0% |
| Australia | 0.5% |
Third quarter analysis also reveals that spammers are deploying new tricks to fool users and anti-spam software.
Currently accounting for nearly 40% of all spam, emails containing embedded images continue to rise--the vast majority fueling pump-and-dump stock scams. The use of images, static and animated, gives spammers a better chance of bypassing threat detection as images can successfully navigate past anti-spam filters that only analyze text. Spammers also layer images in a single email, thus creating "noise" that aids in avoiding detection.
Email harvesting scams are also more prevalent. One spam campaign asks recipients to forward chain emails for fake research projects while another encourages users to view a web-based video tribute. When unsuspecting victims log on to the Web site, they're asked to enter an email address and many often do. The spammers then use the email addresses for various spam scams.
"As integrated anti-malware and anti-spam protection continue to deliver more comprehensive protection, hackers and spam peddlers are evolving their techniques and are becoming more creative in their attacks. It is imperative that people stay one step ahead of these potential threats with the latest and most innovative security features," continued O'Brien. "It is clear that hackers are here stay as they are continuing to launch attacks despite the stiff fines and legal actions being taken across the world."
