Global e-mail spam volumes have dropped 20% for the first quarter this year compared with the same period last year, according to McAfee's latest research.
McAfee attributes the dramatic reduction in e-mail spam to the November shutdown of the notorious McColo spam-generating site. In the McAfee Threat Report for the First Quarter 2009, published today, the security company said spam levels are still 30% below their peak seen in the third quarter of last year right before the shutdown of the rogue ISP McColo.
Spam as a total percentage of e-mail volume is now at 86% — hardly great news, but 90% had been the more common figure and current levels haven't been this low since 2006, according to McAfee. All e-mail, both good and bad combined, is believed to have averaged about 100 billion messages per day worldwide in March, a trend continuing into April, notes Dave Marcus, McAfee director of communications.
However, McAfee is not optimistic that e-mail spam volumes will continue to drop. “The question is not whether spam will return to previous levels but rather when it will return,” McAfee says in its report.
The U.S. remains the top country whose computers — many of them compromised — generate the most spam worldwide. “The U.S. continues to lead the world with 35% of the glove's spam output,” McAfee states in its report.
But in other nations there's also trouble, McAfee points out, asserting that criminals have been attacking Russian banking and government networks in order to use computer resources within them to generate malware-laden e-mail and spam.
McAfee cites Rusfinance Bank, OGO Bank, Tusarbank, Link Capital Investment Bank, Maritime Bank, Vladivostok Alfa Bank, Bank Voronezh and Inter-Svayz Bank as being among the Russian financial institutions inadvertently generating spam.
“This data suggests online criminals are largely indiscriminate about their targets and will attack any organization of financial or other interest to them,” McAfee states in its report.
The McAfee report also adds, “Our data suggests that computer systems in the following Russian government offices are controlled by cybergangs. These institutions would include the Ministry of Taxation, Nazran Region; the Russian State Internet Network; Regional Finance and Economy Institute; Joint Institute for Nuclear Research; and Pension Fund of the Russian Federation, among several others.
Marcus says McAfee has notified these institutions of its findings, which were recently made as the company combed through information it was collecting about spam and IP addresses.
When it comes to malicious Web activity from sites with “bad reputations” for hosting malware, the top three countries remain the U.S., China and Russia. But this last quarter saw growth in malicious Web activity from sites in the Netherlands, United Kingdom, Republic of Korea, Japan, France, Canada and Czech Republic, the McAfee report says.