Feeds

Spam regains pre-McColo reach

Junk mail strikes back

Internet Security Threat Report 2014

If you've noticed a spike in the amount of spam you're receiving, you're not alone. According to an analysis by Google, the volume of junk mail has returned to levels not seen since November, when host provider McColo was disconnected.

By the second half of March, spam volumes returned to pre-McColo takedown levels, according to the analysis, which was based on the inboxes Google manages for more than 50,000 businesses and 15 million business users. What's more, the growth rate during the first quarter of this year, at 1.2 percent per day, was the highest it's been since early 2008.

"It's difficult to ascertain exactly how spammers have rebuilt in the wake of McColo, but data suggests they're adopting new strategies to avoid a McColo-type takedown from occurring again," Amanda Kleha, a member of Google's security and archiving team, writes here. "Specifically, the recent upward trajectory of spam could indicate that spammers are building botnets that are more robust but send less volume – or at least that they haven't enabled their botnets to run at full capacity because they're wary of exposing a new ISP as a target."

Spam levels plummeted following the mid-November takedown of McColo, which hosted the master control channels for some of the world's biggest and most notorious spam gangs. McColo's ouster came after its upstream providers pulled the plug on their customer following complaints it was a conduit for junk email, phishing, and other types of online crime. Almost overnight, spam volumes dropped by 40 percent or more, by some estimates.

Since then, spam levels have slowly crept upward. In January, web-filtering firm MessageLabs reported that spam volumes were about 80 percent of pre-McColo takedown levels.

Additionally, over the past month Google employees have observed a rise in the amount of spam with malware attached. They've also seen new scams that target recipients by their geographic location. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.