Modernizing Authentication — What It Takes to Transform Secure Access
And several anti-spam experts say the hundreds of thousands of open proxies created byviruses, like Sobig and MyDoom, are largely to blame for the spam explosion.
''If spam maintains the rate it's going on now, you don't want to know how bad it could be ayear from now,'' says Mark Sunner, chief technology officer of MessageLabs, Inc., a New YorkCity-based company that provides managed email security services and tracks theproliferation of spam. ''If you do a straight trajectory [on the current growth rate], spamrelative to normal email will be in the high 70 percentile by this April... it'll hit about80 percent by the third-quarter and easily edge over 90 percent by January of next year.''
And Sunner adds that about 66 percent of the spam they're intercepting is coming frommachines infected with one of the various Trojan-dropping viruses that have been circulatinghttps://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i Spam, or unsolicited commercial email, is the bane of IT managers and corporate usersworldwide. It clogs up bandwidth, fills inboxes to overflowing, forces managers to spendtheir budget on more email servers and wastes employee productivity.
Spam has gotten so bad that it's driving people away from using their email. A recent reportfrom the Pew Internet & American Life Project, an organization focused on researching theInternet's impact on society, shows that people are actually using email less because theydon't want to deal with the digital scourge.
The worst part may be that it just keeps on coming. There's no ebb and flow to this tide.It's not like even the worst viruses that come, do their damage and leave. Spam just keepshammering away at corporate networks and ISPs, never ebbing -- always increasing.
''It's at the point that some enterprises are under realtime, constant denial of service byspam,'' says Francois Lavaste, a vice president at San Francisco-based anti-spam companyBrightmail. ''Unfortunately, we haven't seen any slowdown in the pace that spammers aresending unsolicited bulk mail. It's putting a lot of stress on business systems and theusers' inboxes. The pain level of spam is becoming really incredible.''
Lavaste says none of the spam forecasts look good.
''It'll be 65 percent to 70 percent by this coming June,'' he adds. ''There are differentforecasts on how bad it's going to be. We're trying not to be alarmists... but it's notunreasonable to say that it will reach 80 percent of email.''
More Spam, More Pornography
Lavaste, along with other anti-spam analysts, says a part of the problem is how much of thespam is pornographic.
About 17 percent of all spam is pornographic in nature today, according to Lavaste, who addsthat that number is up from about 10 percent or 12 percent last year. What makes it worse isthat as the amount of overall spam increases, that 17 percent portion equals a larger andlarger number.
''It is bad. It's very bad,'' says Lavaste. ''Spammers are using every trick in the book,including very graphic images, tricky subject lines or subject lines that are becoming muchmore graphic. Spam is getting nastier, in terms of its adult content and fraudulentnature.''
Pornographic spam causes even more trouble for businesses, which are under the gun to keepsexual images, sexual innuendoes and anything graphic out of the workplace. Smutty spam hasmuch more potential for upsetting workers and interrupting the workday, and could even leadto legal issues in an age of strict sexual harassment policies and laws.
MessageLabs analysts calculate that 20 percent of spam is pornographic, 40 percent isrelated to pharmaceuticals and the other 40 percent covers everything else fromget-rich-quick schemes to low mortgage rates and lose-weight-fast offers.
Despite blacklists, email filters and even governmental efforts like the Can Spam law, theflood of unsolicited commercial email comes coming. And several analysts point to theconvergence of spammers and virus writers as the cause.
It used to be that blackhat hackers wrote malicious code to make a name for themselves. Theywanted the notoriety and respect in the underground community. Several months ago, however,analysts started to see a dramatic increase in virus writers working to make a buck insteadof making a name for themselves.
Because of that malicious marriage of spam and viruses, an increasing number of worms arebeing let loose in the wild complete with backdoor Trojans and the ability to set up openproxies. Once those are in place, the spammers can take control of the infected machines anduse them to send out wave after wave of spam.
Anti-virus experts estimate that the recent MyDoom-A worm compromised 500,000 to 1 millioncomputers -- all with open proxies. And they expect that army of zombie machines will be putto use in the spam community, much as anti-spam experts believe computers infected with theSobig virus were.
''Just a year ago, it wasn't a major problem,'' says Lavaste. ''There's definitely been adramatic increase. Today, open proxies generate at least one-third of the spam volume.''
Lavaste adds that they see a lot of spam coming from computers compromised by the Sobigvirus and though they haven't seen it yet, they expect to see it start coming from MyDoominfected computers.
Sunner adds that he expects a huge increase because of MyDoom.
''I would suspect to see an increase because of MyDoom since it's so similar to Sobig,'' heexplains. ''You now have a whole plethora of machines harvested to send out spam if theauthor wants... It sticks out like a huge beacon that this is where the spam is comingfrom.''