X

Spam: Made in Taiwan?

Junk e-mail rose in May, most of it served up from Taiwan--and the death of Blue Frog was a factor, CipherTrust says.

Candace Lombardi
In a software-driven world, it's easy to forget about the nuts and bolts. Whether it's cars, robots, personal gadgetry or industrial machines, Candace Lombardi examines the moving parts that keep our world rotating. A journalist who divides her time between the United States and the United Kingdom, Lombardi has written about technology for the sites of The New York Times, CNET, USA Today, MSN, ZDNet, Silicon.com, and GameSpot. She is a member of the CNET Blog Network and is not a current employee of CNET.
See full bio
Candace Lombardi
2 min read
The majority of spam servers are physically located in Taiwan, according to CipherTrust.

In research conducted in May, the e-mail security company found that 64 percent of machines sending out junk mail were in that country. Next was the United States with 23 percent and third China, with 3 percent.

CipherTrust also determined that unwanted e-mail traffic went up as much as 20 percent worldwide in May. The data was gathered using CipherTrust's network of fake "zombie" computers, among other sources, the company said. Spammers typically use networks of zombies, or compromised PCs used without their owners' knowledge, to send out their junk messages.

The company attributed the spam rise to two factors: the demise of antispam efforts by Blue Security, and growing use by spammers of image-only e-mails to defeat filters.

After a distributed denial-of-service attack at its service provider, Six Apart, Blue Security announced it would cease its antispam activities. The Israeli company ran an effort called Blue Frog, which enlisted people to send replies to unwanted e-mails, resulting in a barrage of messages to spam servers.

"They (Blue Security) had hundreds of thousands of clients," Dmitri Alperovitch, a CipherTrust research engineer, said Friday.

As for image-based spam, it's now one of the most popular ways for spammers to combat filters, he added. Text is placed into a message as an image. This allows them to fool some systems that use textual recognition to parse the words of a message to identify e-mails as spam.

Using images, spammers can also more easily alter the print, background color and other identifying factors used by message analysis tools, Alperovitch said.

"It's hard to identify as spam, unless you are using optical-recognition technology, trying to identify characters within an image to recognize as text," he said.

But optical-recognition technology is typically not appropriate for use in antispam systems because it's fairly slow and not extremely accurate, he said.

Alperovitch also said CipherTrust saw 7.4 million new zombies in May. About 24 percent of them are located in China, 9.4 percent in the U.S. and 7.5 percent in Germany. However, Alperovitch noted, there are only thousands of spam servers.

"There are about 5,000 servers who are actually sending the spam to the zombies. Most people would not even see the spam server. Their interaction is only ever with the zombies out there," he said.