U.S. Still a Haven for Spammers
McAfee's December spam report finds spammers are still operating with relative impunity despite looming six-year anniversary of FTC's Can-Spam Act.
McAfee's December spam report suggests that while antivirus and antispyware vendors continue to improve their security software offerings on a daily basis, hackers are still taking advantage of America's technology and fascination with pop culture to spread their spam.
Jan. 1 will mark the sixth anniversary of the Federal Trade Commission's Can-Spam Act, a piece of legislation that was supposed to help curb the geometric explosion in spamming and phishing attacks in the U.S. by virtue of a $16,000 fine per incident.
But according to McAfee, the Can-Spam Act as well as other technological and legal instruments designed to rein in spammers have failed to slow the flow of unsolicited e-mails into Americans' inboxes.
"We have seen the amount of spam sent to the average e-mail address rocket upward to peaks as high as 92 percent of all traffic only a few months ago," McAfee researchers said in their report (available here in PDF format).
"While we complain about the lack of international support to combat this scourge, we overlook spammers who sit comfortably in the United States, sending out thousands of e-mails that blatantly disregard the law by keeping their message volumes just below the radar."
The report follows closely on a recent spam study released by networking giant Cisco Systems, which noted a 20 percent decline in the number of spam messages emanating from U.S. computers this year. That drop-off was enough to bump the United States out of the top spot on the global spam list, with that dubious distinction passing to Brazil.
But the McAfee researchers found that the United States is still very much a haven for spammers. The security software vendor pointed out that Americans' fascination with popular culture has not got unnoticed by spam purveyors. Using socially engineered lures such as Michael Jackson and Tiger Woods, spammers are finding more creative ways to get people to read and distribute their wares.
McAfee is now warning users to be on the lookout for the "Twitter job" spam, a campaign that purports to be an advertisement for jobs at the popular social networking and communications site, but is actually just another spamming come-on.
"These sorts of spam campaigns often move from subnet to subnet as blacklist servers block the mail," McAfee said. "Twitter job spam didn't start recently. It has been ongoing for months."
The report also warns that the proliferation of holiday-based scams, including new variants of the Koobface worm, will continue to plague business Web sites and users' computers throughout the rest of the month.
"An increase in spoofs, such as the Koobface virus, against social networking sites and spam from botnets Rustock and Cutwail have provided plenty of success for spammers," McAfee said. "We're confident, however, that we'll see more of these takedowns, as security researchers and research organizations continue to get involved.
"But we must expect the overall effect of shutdowns to be temporary," the researchers added.
Larry Barrett is a senior editor at InternetNews.com. Based in Las Vegas, Larry covers IT management, enterprise software, services and security.