Where does the spam come from?
We all like getting feedback on our websites, especially when it is complimentary, but increasingly spammers are using feedback forms as a way of getting their messages past the spam filters.
On a typical day I will see several messages sent using the feedback form on our website which all have the same broken English message reading, "Hello, nice site, look this" and then proceeds to list a number of sites on other servers that the spammer would like me to click on. Mail sent to site owners by their own feedback forms and dressed up to look like a compliment often bypasses spam filters. It is also much harder to trace the person who originated the mail which helps explain why the sites being advertised this way are often the very worst types of porn.
Increasingly spammers are using the webform technique to send out spam on an industrial scale, using automated programs to bombard vulnerable websites, but at Skill Zone we have been working on ways to intercept this type of spam and keep it out of your in-box. Currently our webserver is blocking 50 to 60 webform spams a day, and we still haven't deployed the blocking technology on our larger sites where we expect the spam problems to be even greater.
But where does it all come from? The biggest source of webform spam at our sites is the USA which is consistently responsible for 21% of the spams, followed by Latvia at 17% and China at 11%. The UK comes in at number 10 on this list, accounting for about 2% of the misuse of your webforms.
But that doesn't mean that 21% of all spam is being sent by Americans. Most spam these days is sent using "zombies". A zombie is a PC which has been infected by malicious virus-like software and can be remotely controlled by spam gangs who steal your PC processing power and steal your broadband capacity, all from a safe distance.
There are millions of computers out there which are infected by malicious software and spammers boast of having thousands of PCs under their control. An infected PC can be used to send thousands of spam per hour. The biggest such botnet identified by security researchers is the Srizbi network thought to be controlled from somewhere in the Ukraine, consisting of 315,000 compromised PCs worldwide sending up to 6 billion spams per day. Even a relatively small botnet like SpamThru which controls only 12,000 PCs is responsible for up to 300 million spams per day. Much of this botnet activity could be stopped if only people used up to date virus scanners, proper firewalls, and installed the regular Windows updates, all of which are available for free.
Using your machine for spamming isn't the only thing that the hijackers can do. They can also read your disc and steal confidential documents, including bank account details. Be warned, the The Banking Code produced by the British Bankers Association and re-issued on March 31st suggests that online banking customers should have up-to-date anti-virus, anti-spyware, and firewall software installed on their machines (Section 12.9) and makes it clear that banks will not be responsible for losses from online bank accounts if consumers do not follow that advice (Section 12.11).
www.bba.org.uk/content/1/c6/01/30/85/Banking_Code_2008.pdf
16th April 2008
This article comes from the SKILLZONE email newsletter, published monthly since January 2008, and covering topics related to technology and the internet. All articles and artwork in the SKILLZONE newsletter are orignal content.