Spam is continuing to be sent from a multitude of countries, as the challenge to pin down those responsible becomes more difficult.
In the March 2010 MessageLabs Intelligence Report, Symantec revealed that 36.6 per cent of targeted malware originated in the United States based on mail server location, but when analysed by sender location, more targeted attacks originated in China (28.2 per cent), Romania (21.1 per cent) and United States (13.8 per cent).
Paul Wood, MessageLabs intelligence senior analyst, said: “A large proportion of targeted attacks are sent from legitimate webmail accounts which are located in the US and therefore, the IP address of the sending mail server is not a useful indicator of the true origin of the attack. Analysis of the sender's IP address, rather than the IP address of the email server reveals the true source of these targeted attacks.”
Further analysis by PandaLabs found of the five million emails it analysed came from a total of almost one million different IP addresses. It also detected that Brazil, India, Vietnam, USA and Russia head the ranking of countries from which most spam was sent during the first two months of the year.
It claimed that the Brazilian spam messages are used primarily either to distribute threats or sell illicit products, and the main lure used as part of the social engineering techniques employed is the promise of videos or photos of Brazilian girls.
With respect to the cities from which spam was being sent, PandaLabs detected that Seoul was first in the list, followed by Hanoi, New Delhi, Bogota, Sao Paulo and Bangkok.
PandaLabs' Olaiz said: “Spam is nothing but a business and is used primarily either to distribute malware or sell/advertise all type of products. Therefore, as long as there are users, no matter if they are few, who trust these messages, it is enough to continue betting on it.”
MessageLabs' further analysis showed that the top five targeted roles are director, senior official, vice president, manager and executive director. The individuals that receive the most targeted malware are responsible for foreign trade and defence policy, especially in relation to Asian countries.