Holidays are Over for Spammers

In this blog about spam volume, we discussed the virtual shutdown of three botnets including Rustock that caused the global spam volume to plummet around Christmas day. MessageLabs has indicated in their blog that those botnets have restarted, although they are sending less volume than pre-shutdown levels at the moment.

As seen in the chart below, we are indeed seeing a spike up in volume as of January 10. We will be keeping a close eye on this over the next few days to see if the increase holds up. For now, it looks like holidays are indeed over for spammers.

We saw a drop in the use of the ‘.ru’ domain URLs in spam messages around December 25.  When the spam volume spiked up on January 10, we saw a corresponding jump in the use of ‘.ru’ domain URLs in spam.  This data suggests that the new wave of spam mostly consisted of ‘.ru’ domain URL spam messages.

Some of best practices users should follow are:

· Do not open unknown email attachments. These attachments could infect your computer.

· Do not reply to spam. Typically the sender’s email address is forged, and replying may only result in more spam.

· Do not fill out forms in messages that ask for personal or financial information or passwords. A reputable company is unlikely to ask for your personal details through email. When in doubt, contact the company in question through an independent, trusted mechanism, such as a verified telephone number, or a known Internet address that you type into a new browser window (do not click or cut and paste from a link in the message).

· Do not buy products or services from spam messages.


Please visit State of Spam & Phishing homepage for latest news on spam threat landscape.