Feeds

Spam regains pre-McColo reach

Junk mail strikes back

Secure remote control for conventional and virtual desktops

If you've noticed a spike in the amount of spam you're receiving, you're not alone. According to an analysis by Google, the volume of junk mail has returned to levels not seen since November, when host provider McColo was disconnected.

By the second half of March, spam volumes returned to pre-McColo takedown levels, according to the analysis, which was based on the inboxes Google manages for more than 50,000 businesses and 15 million business users. What's more, the growth rate during the first quarter of this year, at 1.2 percent per day, was the highest it's been since early 2008.

"It's difficult to ascertain exactly how spammers have rebuilt in the wake of McColo, but data suggests they're adopting new strategies to avoid a McColo-type takedown from occurring again," Amanda Kleha, a member of Google's security and archiving team, writes here. "Specifically, the recent upward trajectory of spam could indicate that spammers are building botnets that are more robust but send less volume – or at least that they haven't enabled their botnets to run at full capacity because they're wary of exposing a new ISP as a target."

Spam levels plummeted following the mid-November takedown of McColo, which hosted the master control channels for some of the world's biggest and most notorious spam gangs. McColo's ouster came after its upstream providers pulled the plug on their customer following complaints it was a conduit for junk email, phishing, and other types of online crime. Almost overnight, spam volumes dropped by 40 percent or more, by some estimates.

Since then, spam levels have slowly crept upward. In January, web-filtering firm MessageLabs reported that spam volumes were about 80 percent of pre-McColo takedown levels.

Additionally, over the past month Google employees have observed a rise in the amount of spam with malware attached. They've also seen new scams that target recipients by their geographic location. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Reducing the cost and complexity of web vulnerability management
How using vulnerability assessments to identify exploitable weaknesses and take corrective action can reduce the risk of hackers finding your site and attacking it.