Spammers send 120 billion spam emails to internet users daily and, like it or not, spam exists because it achieves its sender’s purpose of generating a profit or damaging many people’s computers. But in an attempt to potentially stem the tide of spam a group of United States scientists have recently revealed some interesting findings about how spammers achieve these objectives in a report aptly entitled 'Spamalytics'.
Spamming all over the world
According to Symantec's October 2008 monthly report on The State of Spam, spam categories included adult, fraud, financial, scams, products, political, leisure, internet, health and fraud.
Twenty nine percent of the world's spam in October 2008 originated from the United States. Russia clocked in at 7% and South Korea, India and China each produced 4 % of the world's spam.
"We continue to see spammers leveraging the housing market downturn and the general economic instability in the US as a vehicle to promote their spam attacks. Leveraging the intense interest in these current events, spammers hope to collect personal information from their targets. As news of the economy continues to dominate headlines, it is apparent that spammers will continue to use this angle to try and exploit email users", the report says.
Even the recent US presidential race got spammers going with polling scams promising recipients gift cards and t-shirts in exchange for opinions on the election. The activities of the candidates resulted in spammers spreading malware amongst recipients.
Symantec is one company that produces regular monthly reports regarding spam, but a group of scientists in the US have conducted what has been called the first in-depth study into spam to establish how many people are affected by or respond to spam.
Computer scientists from the University of California, Berkeley and UC in San Diego recently carried out what has been described as the "first large-scale quantitative study of spam conversion".
The report, Spamalytics: An Empirical Analysis of Spam Marketing Conversion, had the aim of providing a measure of the "conversion rate" of spam. In other words, the scientists wanted to establish the probability of an unsolicited e-mail resulting in a "sale" or the "infection" of a computer with malware.
The study involved using the Storm botnet's infrastructure to analyse two spam campaigns - one designed to propagate a malware Trojan and the other marketing pharmaceuticals on-line. "In effect, the best method to measure spam is to be a spammer", the study says.
The scientists' methodology included documenting three spam campaigns producing 469 million e-mails in an attempt to identify how much of this spam is filtered by popular anti-spam solutions, how many users "click-through" to the site being advertised (the response rate) and how many spam emails result in a "sale" or "infection" (the conversion rate).
Studies on spam in the past have revealed that the marginal cost to send an e-mail is small and therefore an e-mail based campaign can be profitable even when the conversion rate is small. A study done by W.Y.P. Judge and D. Alperovitch, on Understanding and Reversing the Profit Model of Spam, speculated that response rates of as low as 0.000001 are enough to ensure profitability, and J.Goodman and R.Rounthwaite's Stopping Outgoing Spam concluded that the optimal strategy for reducing the cost of spam is to send spam as fast as possible.
The scientists working on the Spamalytics study admit that their final results are not necessarily representative of spam as a whole because their results represent a single data point, meaning that different studies could produce differing results. Yet, their particular findings are nevertheless interesting.
The study found that India, Pakistan and Bulgaria have the highest response rates to spam while the US (albeit a major target and responder) has the lowest resulting response rate of any country followed by Japan and Taiwan.
Furthermore, considering the amount of emails spammers send out, the conversion rate is actually quite low.
"After 26 days, and almost 350 million e-mail messages, only 28 sales resulted - a conversion rate of well under 0.00001%. Of these, all but one were for male-enhancement products and the average purchase price was close to US $100. Taken together, these conversions would have resulted in revenues of US $2, 731.88 - a bit over US $100 a day for the measurement period or US $140 per day for periods when the campaign was active...Thus, the total daily revenue attributable to Storm's pharmacy campaign is likely closer to US $7000 (or US $9500 during periods of campaign activity)" the scientists conclude.
Therefore, the scientists extrapolate that the Storm-generated pharmaceutical spam would produce approximately US $3.5 million revenue in a year.
The scientists also conclude that the "profit margin for spam (at least for this one pharmacy campaign) may be meagre enough that spammers must be sensitive to the details of how their campaigns are run and are economically susceptible to new defences". So, it takes a big spam operation to turn over millions of dollars in profit each year.
The increasing link between spam and compromising your computer
Apart from the prolific marketing-related spam emails out there, there has been an increase in the number of spam messages containing URL links to malicious code according to the Symantec October 2008 Spam Monthly report. These emails contain links to malware designed to infect other computers with viruses and Trojans.
Symantec came to this conclusion as a result of studying data retrieved from customers running antivirus software and who have consented to returning data and, thus, the total messages scanned included legitimate and spam messages.
The report goes on to state that the majority of this malware appeared in zip and RAR files, which were detected by antivirus filters. The next most common payload vector has been that of malware imbedded in an email's source code.
Symantec says that from June to mid September 2008, "the percentage of malware detected in email messages had a dramatic increase from a tenth of a percent (0.1 percent) average in June 2008 to 1.2 percent in the middle of September 2008".
Topping the charts, in terms of the malicious software, was the generic Trojan Horse detected in 13.4 percent of the identified messages. The Trojan Horse was followed by Downloaders, malicious programs used to download other malware, at 11.8 percent.
Infostealer, another generic definition that blocks programs attempting to steal sensitive information from a user's computer, clocked in at 11.1 percent.
The source of these email messages were varied, being sent from compromised servers around the world. But China, the Republic of Korea and the United States headed the list of the origins of the compromised servers.
Another form of spam compromising one's computer is ‘Zombie' activity. Zombie is a term given to a computer that is being used for various activities ranging from sending spam, hosting websites that advertise spam and acting as DNS servers for zombie hosts. In September 2008, there was a 101 percent increase in the number of active zombies sending spam.
The top ten countries hosting active zombie computers for September 2008 were Turkey, Brazil, Russia, the United States, India, China, Germany, Argentina, Poland and Thailand.
So, taking all of this information into consideration, what is the best way to arm one self? Well, apart from getting a credible anti-virus program installed on your computer, knowledge is power.
This article features a list of the most common malicious software types and an assimilation of the top tips to help prevent you from becoming a spam victim.
For all the latest tech news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.
Subscribe to Arabian Business' newsletter to receive the latest breaking news and business stories in Dubai,the UAE and the GCC straight to your inbox.