Over 57% Servers Relaying One Scam Each in U.S.
An investigation detailing the usage and distribution of Web servers to host different spam scams has revealed that a huge number of these scams push out from a singe server for each scam. The investigation further found that a majority of 57.4% servers are located in US.
Researchers at the University of California, San Diego, who conducted the study collected more than 1 Million separate spams spanning over a one-week period and tracked all the URLs in the spam mails that linked to the Websites the spammers wanted the victims to visit.
The team applied a technique called 'image shingling'. It involves drawing a comparison of screenshots of the Web pages rendered to find out which spams and corresponding sites related to a unique scam. Following this, the researchers produced details about the infrastructure the scams used. Scam is a term indicating a particular class of sites modified or created to churn money out of spamming operations. The money could be generated either by trading goods or services or by phishing for banking information.
According to the study analysis, there was almost an even distribution of spam sources around the globe. Of that, the U.S.-based computer systems produced 14% of the total world spam; Western Europe relayed 28%; and Asia, nearly 16%. U.S. has a heavy concentration of scam sites hosting more than 57% of total scams on the country's servers. This figure in Europe was 14% and in Asia - 16%.
The results further revealed that spam campaigns generally lasted for a short period where over 50% expired before 12 hours and approximately 1% lasted for three days. Half of the scam sites stayed active for seven days or more.
According to the researchers, while several spams moved out from large botnets, there is no clue of distribution relating to hosting of spam sites. Of the total number of 2,334 scams, 94% identified only used IP address and 84% exploited one domain name.
Researchers argue that scams using one IP address could fail in spammers' systems for making money leading to a possibility of blocking the funds' sources, thereby curtailing the spam menace.
Related article: Opera 9.1 Browser Introduces Phishing Alert
» SPAMfighter News - 20-08-2007