Two ASNs had big spurts of spam in September.
iWeb’s AS 32613 got to second place in the last two weeks of the month.
Like in August, IPWorld’s AS 19875 did one big spam spew,
but this time it almost doubled its closest competitor,
breaking 100,000 messages!
What is making Canada suddenly attractive to spammers?
-jsq
A surprise in the July
SpamRankings.net rankings:
US medical rankings all went to zero by 14 July.
World medical rankings went from hundreds and thousands to near zero
between 17 and 24 July.
That’s in rankings from CBL data. PSBL shows much less data for medical organizations, yet nonetheless the same effect in both world and U.S. medical rankings.
No other rankings showed such a drop.
Did medical organizations actually clean up their act? Or did they just manage to whitelist their netblocks at CBL and PSBL?
Either way, it looks like they noticed SpamRankings.net.
-jsq
Fahmida Y. Rashid wrote in eWeek.com 8 June 2011, UT Researchers Launch SpamRankings to Flag Hospitals Hijacked by Spammers:
That’s a pretty good explanation for why outbound spam is a proxy for poor infosec.“Poor security measures are generally responsible for employee workstations getting compromised, either by spam or malicious Web content. Once the machine is compromised, the botnet herders can add it to its spam-spewing botnet to send out malware to even more people. The original employee or the organization rarely has any idea the machine has been hijacked for this purpose.”
-jsq
The rest of his writeup quotes me quite a bit, and everyone knows I’m quite shy, so please go read his blog!A new resource for spotlighting organizations that are unwittingly contributing to the global spam problem aims to shame junk email havens into taking more aggressive security measures.
SpamRankings.net is a project launched by the Center for Research in Electronic Commerce at the University of Texas at Austin. Its goal is to identify and call attention to organizations with networks that have been infiltrated by spammers.
Andrew Whinston, the center’s director, said the group initially is focusing on health care providers that appear to be infected with spam bots. “Nobody wants to do business with a bank or hospital or Internet hosting company that has been hijacked by spammers,” Whinston said. “It’s an environment in which user data can be stolen or compromised.”
I will add that May data is live now on SpamRankings.net. Also, organizations that do better over time may want to brag, as has happened with a couple of U.S. organizations in May.
Here’s Krebs’ final paragraph:
I applaud this effort, and hope that it gains traction. I remain convinced that the Internet community would benefit from a more comprehensive and centralized approach to measuring badness on the Web. There are many existing efforts to measure reputation and to quantify badness online, but most of those projects seek to enumerate very specific threats (such spam or hacked Web sites) and measure the problem from a limited vantage point. What is lacking is an organization that attempts to collate data collected by these disparate efforts and to publish that information in near real-time.
-jsq