If you’ve been getting more spam in your mailbox lately, there’s a reason for that: Once a haven from the worst excesses of junk e-mail, Israel has more or less caught up to the rest of the world. More than three-quarters of the e-mail received these days, both in Israel and around the world (75.1% and 75.2%, respectively) are messages from Nigerian bankers, spiels for v*i*a*g*r*a, and other useless digital junk mail.
With that, the level of truly dangerous email messages — those with viruses or other destructive programs attached — was much lower in Israel. Locally, one in every 982.6 messages contained a virus, malware or a malicious website link, while the average for the rest of the world was one in 211.1 messages.
The data on Israeli spam was part of the most recent monthly report issued by antivirus firm Symantec, which keeps an eye on email and Internet dangers. The monthly report for September showed that the aforementioned spam rate was the highest ever, with a 2.7% increase over the number of spam messages sent in August. Phishing e-mail — messages that prompt you to enter personal information, which data thieves use for their own nefarious purposes — was also higher (with one in 254.4 messages a phishing email, an increase of 0.088% over August), as were messages with links to malicious websites.
Even the one piece of seemingly good news was really bad, the report said. “The file size of spam emails has shown a decrease this month,” the report said, but “this may indicate that attackers are currently including URLs that lead to spam or malicious websites.”
The sheer volume of spam and and its ilk indicates that spammers have easy access to “legitimate” servers, and have long stopped relying on their own servers to send out junk messages. It’s a lot cheaper, and quite simple, for a spammer to appropriate a hacked server used for normal hosting purposes, Symantec said. “Hacked servers are very popular among spammers and malware authors because they reduce the cost and complexity of hosting their own servers and make it more difficult for security companies dealing with sites on a legitimate server.”
Using various tricks of the trade, the company said, a skilled hacker can quickly install a spam toolkit, appropriating the server at will to send out junk messages.
While Israel is just about current with the world average, some places have it far worse. The world “champion” for spam messages in September, Symantec said, was Saudi Arabia, where nearly 85% of all messages were junk. Sri Lanka, with a rate of 81.7%, was in second place, followed by Sweden, China, and Qatar, where the rates were all in excess of 79%.The biggest source for spam – where the most compromised servers are located – was India, which was responsible for 17.4% of all spam in the world, followed by Saudi Arabia, from where 11.7% of all spam originated during September. The top three categories? Sex/dating, at 47.93%, pharma offers (including v*i*a*g*r*a) with 27.64% of the total, and offers for watches, which accounted for 12.49% of junk email in September.
Security experts, of course, would recommend a robust system to ensure that servers are not compromised, and suggest that users keep up to date on virus software (like that made by Symantec, the company says), to protect computers and servers.
But it seems that even as antivirus programs become more sophisticated, and the anti-spam measures taken by service providers (white lists, filters, etc.) become tougher, the spam problem just keeps getting worse. And why do spammers even bother? Does anyone really respond to those messages from Hosni Mubarak’s second in command, who wants to pay you a fat fee for helping him to smuggle $25 million out of Egypt?
Surprisingly, or perhaps not, “there really is a sucker born every minute,” said security expert Yosef Daub. “While the vast majority of people do not click on these links or submit information to these web sites, there are some that do, and since it doesn’t cost the spammers any money — or time, since it’s all automated — to send out these messages, even one respondent out of a million makes spamming worth their while.”
Israelis, too, are clicking on the links on these messages, which are appearing more frequently in Hebrew. “I think a lot of these Hebrew spam messages are not Israeli in origin, but are part of the worldwide spam movement,” said Daub. “For a long time the level of spam in Israel was lower that in the rest of the world, perhaps because the spammers didn’t have Hebrew messages to distribute.”
That certainly has changed, and even though the level of malicious messages sent in Israel is lower than the rate elsewhere, that rate is likely to go up as well, Daub added. “Somebody, somewhere is making money off of this, and that’s a guarantee that spam and phishing messages will continue to be a part of the email experience for a long time to come.”