all email a year ago, it is expected to make up 80 percent of all email being sent around
the world by the third-quarter of this year.
And several anti-spam experts say the hundreds of thousands of open proxies created by
viruses, like Sobig and MyDoom, are largely to blame for the spam explosion.
”If spam maintains the rate it’s going on now, you don’t want to know how bad it could be a
year from now,” says Mark Sunner, chief technology officer of MessageLabs, Inc., a New York
City-based company that provides managed email security services and tracks the
proliferation of spam. ”If you do a straight trajectory [on the current growth rate], spam
relative to normal email will be in the high 70 percentile by this April… it’ll hit about
80 percent by the third-quarter and easily edge over 90 percent by January of next year.”
And Sunner adds that about 66 percent of the spam they’re intercepting is coming from
machines infected with one of the various Trojan-dropping viruses that have been circulating
Spam, or unsolicited commercial email, is the bane of IT managers and corporate users
worldwide. It clogs up bandwidth, fills inboxes to overflowing, forces managers to spend
their budget on more email servers and wastes employee productivity.
Spam has gotten so bad that it’s driving people away from using their email. A recent report
from the Pew Internet & American Life Project, an organization focused on researching the
Internet’s impact on society, shows that people are actually using email less because they
don’t want to deal with the digital scourge.
The worst part may be that it just keeps on coming. There’s no ebb and flow to this tide.
It’s not like even the worst viruses that come, do their damage and leave. Spam just keeps
hammering away at corporate networks and ISPs, never ebbing — always increasing.
”It’s at the point that some enterprises are under realtime, constant denial of service by
spam,” says Francois Lavaste, a vice president at San Francisco-based anti-spam company
Brightmail. ”Unfortunately, we haven’t seen any slowdown in the pace that spammers are
sending unsolicited bulk mail. It’s putting a lot of stress on business systems and the
users’ inboxes. The pain level of spam is becoming really incredible.”
Lavaste says none of the spam forecasts look good.
”It’ll be 65 percent to 70 percent by this coming June,” he adds. ”There are different
forecasts on how bad it’s going to be. We’re trying not to be alarmists… but it’s not
unreasonable to say that it will reach 80 percent of email.”
More Spam, More Pornography
Lavaste, along with other anti-spam analysts, says a part of the problem is how much of the
spam is pornographic.
About 17 percent of all spam is pornographic in nature today, according to Lavaste, who adds
that that number is up from about 10 percent or 12 percent last year. What makes it worse is
that as the amount of overall spam increases, that 17 percent portion equals a larger and
larger number.
”It is bad. It’s very bad,” says Lavaste. ”Spammers are using every trick in the book,
including very graphic images, tricky subject lines or subject lines that are becoming much
more graphic. Spam is getting nastier, in terms of its adult content and fraudulent
nature.”
Pornographic spam causes even more trouble for businesses, which are under the gun to keep
sexual images, sexual innuendoes and anything graphic out of the workplace. Smutty spam has
much more potential for upsetting workers and interrupting the workday, and could even lead
to legal issues in an age of strict sexual harassment policies and laws.
MessageLabs analysts calculate that 20 percent of spam is pornographic, 40 percent is
related to pharmaceuticals and the other 40 percent covers everything else from
get-rich-quick schemes to low mortgage rates and lose-weight-fast offers.
Story Continues
Despite blacklists, email filters and even governmental efforts like the Can Spam law, the
flood of unsolicited commercial email comes coming. And several analysts point to the
convergence of spammers and virus writers as the cause.
It used to be that blackhat hackers wrote malicious code to make a name for themselves. They
wanted the notoriety and respect in the underground community. Several months ago, however,
analysts started to see a dramatic increase in virus writers working to make a buck instead
of making a name for themselves.
Because of that malicious marriage of spam and viruses, an increasing number of worms are
being let loose in the wild complete with backdoor Trojans and the ability to set up open
proxies. Once those are in place, the spammers can take control of the infected machines and
use them to send out wave after wave of spam.
Anti-virus experts estimate that the recent MyDoom-A worm compromised 500,000 to 1 million
computers — all with open proxies. And they expect that army of zombie machines will be put
to use in the spam community, much as anti-spam experts believe computers infected with the
Sobig virus were.
”Just a year ago, it wasn’t a major problem,” says Lavaste. ”There’s definitely been a
dramatic increase. Today, open proxies generate at least one-third of the spam volume.”
Lavaste adds that they see a lot of spam coming from computers compromised by the Sobig
virus and though they haven’t seen it yet, they expect to see it start coming from MyDoom
infected computers.
Sunner adds that he expects a huge increase because of MyDoom.
”I would suspect to see an increase because of MyDoom since it’s so similar to Sobig,” he
explains. ”You now have a whole plethora of machines harvested to send out spam if the
author wants… It sticks out like a huge beacon that this is where the spam is coming
from.”