Spam’s Dirty Dozen countries: from Belarus to the U.S., a global army of zombie PCs

BotnetsThe epidemic of spam seems to fly under the radar, perhaps because our spam filters have become so good at catching it. But if you look into your email account’s spam folder, you’ll get an idea of just how much of your daily email is junk. Not only does spam make up the vast majority of all email, spam emails can carry nasty viruses that perpetuate the problem.

To help raise awareness of the continuing plague of spam worldwide, Sophos releases a quarterly list of the Dirty Dozen spam-relaying countries. Coming in first place in our latest ranking, for the fourth quarter in a row, is the United States; followed by China, Russia, Belarus and Ukraine. Our research shows that zombie computers in the U.S. were responsible for sending 14.5% of spam worldwide, far ahead of any other country.

The Dirty Dozen spam-relaying countries by volume.

The Dirty Dozen spam-relaying countries by volume.

When you consider that the U.S. has a population of more than 300 million people, a large chunk of whom have computers, it shouldn’t be surprising that spam volume from the U.S. is so large. China meanwhile has a population of 1.3 billion people, so it has its fair share of spam-sending zombies, representing 8.2% of all spam. India, with a population of 1.2 billion, ranks sixth with 3.8% of spam coming from that country.

Looked at another way, when we divided spam volume by a country’s population, we see that smaller countries have an even bigger spam problem than America.

Dirty-dozen-spam-by-population

Belarus is the worst spammer when measured by population.

On a per capita basis, Belarus shoots to the top of the list, followed by Kuwait, Taiwan, Kazakhstan and Uruguay. Even tiny Luxembourg makes this list because computers in that country are more than twice as likely as a computer in the U.S. to send spam.

Paul “Duck” Ducklin, Senior Security Analyst at Sophos, writes at Naked Security about the Dirty Dozen “Spampionship” among countries; and he reminds us why the spam problem is more serious than just annoying. As Duck explains, spam comes from computers that are part of a botnet operated by cybercriminals. And that means spam-sending zombie computers have malware on them that could be used for even more nefarious purposes.

“The spam aspect is just a symptom—the start of the problem,” Duck says in an interview with SCMagazineUK.com. “Zombie malware means the crooks are already on the inside. We don’t know what else [cybercriminals] are doing inside networks.”

Battling the botnets

How do we fight back against spam and related threats? ISPs, national law enforcement, and companies like Microsoft certainly aren’t taking the problem lying down. At the beginning of December, the masters of the ZeroAccess botnet had essentially given up after Microsoft and law enforcement struck at ZeroAccess’s command and control servers.

But we can all do our part to stop spam, and it begins with keeping our computers free from the threats that harness our PCs within botnets. Remember: if your computer is infected with zombie spam-sending malware, you are part of the problem!

Sophos Techknow Podcast: Understanding Botnets

In this episode of our Techknow podcast series, Paul Ducklin chats with SophosLabs Senior Threat Researcher James Wyke about what botnets are, how they work, and why we all need to do our part to fight back against them.

Listen to the podcast below or on Soundcloud, or download the MP3 for listening later.


Sophos Email Security

Sophos blocks spam and email-borne threats. Our Email Appliance is ideal if you want an appliance dedicated to message security with advanced DLP and easy policy-based encryption. Or, if you prefer consolidating your network security into a single appliance, our UTM with integrated email protection is for you.

Learn more about email security from Sophos and find out how to sign up for a free trial.