IT security and control firm Sophos has reported on the latest spam trends, and has shown the top 12 spam-relaying countries for the second quarter of 2008. SophosLabs research reveals a large growth in the level of email spam traveling across the internet between April - June 2008, and the way spammers are now using Facebook (News - Alert) and mobile phones for spreading their messages.

 

According to the research, by June, the level of spam had gone up to 96.5 percent of all business email. Rising from 92.3 percent in the first three months of the year, with corporations finding that only one in 28 emails is legitimate.

 

"If your company is on the internet, it's going to be hard for it to do business unless it has an effective anti-spam defense in place. Otherwise the amount of junk mail will be swamping legitimate correspondence from your customers and suppliers," stated Graham Cluley, senior technology consultant for Sophos. "It should be remembered also that some spam is not just a nuisance, but malicious in its intent - trying to get you to click on an attached Trojan horse or lead you to a dangerous website. Organizations need a consolidated anti-spam and anti-malware solution at their gateway, updated around the clock to neutralize the latest internet attacks."

 

Email spam is mostly sent from innocent third party computers, which are hacked. These botnet computers belong to the unaware parties who the cybercriminals are using for financial gain. Users are mostly those who have not been protected with anti-virus software and firewalls.

 

As per the report, the top 12 countries identified for relaying spam across the world are the United States, Russia, Turkey, China (including HK), Brazil, Poland, Italy, South Korea, UK, Spain, Germany and Argentina.

 

"Between April and June 2008, the computer users from the US and Russia retained their shameful first and second places as the top relayers of spam," added Cluley. "Much more needs to be done to raise awareness about computer security. These computers are under the remote control of hackers,  which means they can be used not only for sending a tidal wave of spam, but also potentially steal banking details and credit card information for the purposes of identity theft."

 

"Argentina is the fastest growing economy in South America, which means lots more computers are connecting to the net," continued Cluley. "Spammers hijack poorly defended computers wherever they are in the world to join their sprawling botnets. Computers may be becoming more common, but IT security also has to be a top priority."

Sophos also revealed that spammers are increasingly using networking websites like Facebook and LinkedIn for sending unwanted links to online stores and lottery or financial scams.

 

"Spammers are finding themselves increasingly obstructed by corporate anti-spam defenses at the email gateway. In a nutshell - we're stopping the bad guys getting their marketing message in front of their intended audience," added Cluley. "To get around this, we are seeing spammers exploiting networks like Facebook to plant spam messages on other peoples' profiles - these don't just get read by the owner of the profile, but anyone else visiting his or her page."

 

A growing method for spammers to spread their messages is through SMS texts sent to mobile phones.

 

Spear phishing, involving messages to personalized domain or organizations, has also emerged. Here the emails appear to come from a trusted source and ask for personal information or username and password confirmation. These messages become the supplying information that the phisher can use for malicious purposes.

 

Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at their email and web gateways to defend against viruses and spam. Sophos provides enterprises worldwide to secure and control their IT infrastructure. The company is headquartered in Boston, MA and Oxford, UK.