Spam traffic dropped precipitously in January, falling to 78.6 percent of all emails – the lowest rate since March 2009 – according to a new report from security software vendor Symantec.

Symantec's (NASDAQ: SYMC) (PDF format) January 2011 MessageLabs Intelligence report found the decline in spam emails this month was largely the result of a halt in spam-sending activities from a trio of botnets – Rustock, Lethic and Xavester – and what it described as "unrest" among pharmaceutical spam-sending organizations after SpamIt, one of the largest drug-spamming affiliates shuttered its nefarious partnership program with a number of spamming syndicates in October.

The last time Symantec researchers recorded such a significant decline in total spam production was in March 2009 – when spam accounted for 75.7 percent of all email traffic – when McColo, a notorious spam-facilitating Internet service provider, was finally shut down.


While this drop in Viagra come-ons and the like is certainly welcome, particularly for enterprises that pay millions each year to block spam of all types from weaseling their way into employees' inboxes, it's all relative.

Pharmaceutical spam in January still accounted for 59 percent of all spam in circulation, a jarring figure but a definite improvement from May 2010 when it reached its apex at 85 percent of all spam.

It's worth noting that in just one month, total spam identified by Symantec's MessageLabs researchers fell 3.1 percent.

"For now, it's clear that spam remains a profitable activity for spammers and there is no evidence to suggest that pharmaceutical spam is suffering any loss in profitability," the report said. "However, the closure of SpamIt re-shaped the activities of many of the major pharmaceutical spam gangs as pharmaceutical spam operations underwent restructuring and consolidation."

So far this month, Symantec's security team has found one virus per 365 emails, a tiny decline (0.03 percent) from December.

At the same time, email-borne phishing campaigns, which have plagued the likes of McDonald's, Apple and Coca-Cola in recent weeks, were found in roughly one in every 410 emails, up an even smaller 0.004 percent from the prior month.

The total volume of malicious websites, which have sprout up by the hour and have become a top priority for local, state, federal and international law enforcement agencies, either tailed off or were harder to identify this month.

Symantec said more than 2,700 of these data-stealing, device-infesting black hat sites were blocked each day in January, down 22 percent from December.

"A great deal of email-borne malware is sent as .exe files within a .zip archive," the report said. "Often these are masquerading as greeting cards, invitations, parcel non-delivery reports or spoofed instructions from social networking websites."

Of these blocked websites, 41 percent were new for the month and 65 of email malware in January contained malicious links.

Larry Barrett is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.

Keep up with security news; Follow eSecurityPlanet on Twitter: @eSecurityP.