Last week, National Public Radio aired a story on my Pharma Wars series, which chronicles an epic battle between men who ran two competing cybercrime empires that used spam to pimp online pharmacy sites. As I was working with the NPR reporter on the story, I was struck by how much spam has decreased over the past couple of years.
Below is a graphic that’s based on spam data collected by Symantec‘s MessageLabs. It shows that global spam volumes fell and spiked fairly regularly, from highs of 6 trillion messages sent per month to just below 1 trillion. I produced this graph based on Symantec’s raw spam data.
Some of the points on the graph where spam volumes fall precipitously roughly coincide with major disruptive events, such as the disconnection of rogue ISPs McColo Corp. and 3FN, as well as targeted takedowns against major spam botnets, including Bredolab, Rustock and Grum. Obviously, this graph shows a correlation to those events, not a direct causation; there may well have been other events other than those mentioned that caused decreases in junk email volumes worldwide. Nevertheless, it is clear that the closure of the SpamIt affiliate program in the fall of 2010 marked the beginning of a steep and steady decline of spam volumes that persists to this day.
Of course, spam volumes are relative, depending on where you live and which providers you rely on for email and connections to the larger Internet. As I was putting together these charts, I also asked for spam data from Cloudmark, a San Francisco-based email security firm. Their data (shown in the graphs below) paint a very interesting picture of the difference in percentage of email that is spam coming from users of the top three email services: The spam percentages were Yahoo! (22%), Microsoft (11%) and Google (6%).
Here’s a graph of total Cloudmark spam volume data from the big three over time, with linear regression trend lines. As we can see, Google’s spam volume is pretty much flat over all (looks like they fought off an attack in September); Microsoft is trending slightly downwards; Yahoo! goes up and down, but more up than down.
Andrew Conway, Cloudmark’s lead software engineer, said one possible explanation for the big difference in Yahoo!’s spam levels is that the company experienced layoffs in December 2010 and April 2012.
“In the past five years they have had four CEOs plus two interim CEOs,” Conway said in an email interview. “That sort of reputation makes it hard to attract and keep top engineering or management talent. Also, when you are faced with having to cut costs, as Yahoo is, spam prevention does not generate any revenue. Cost centers get cut more than profit centers.”
Conway said spammers will follow the line of least resistance; as such, Yahoo only has to have fewer account creation security controls than the other Webmail providers to attract a lot more spam.
“We see spam coming both from bulk manufactured accounts and from genuine accounts that have been compromised,” he said. “Google has much better algorithms for preventing bulk account creation, and both of them are better than Yahoo at detecting and shutting down accounts that are used for spamming.”
A quick check at one dodgy site that sells access to bulk-created accounts at the top Webmail providers, for example, offers a basic lesson in supply and demand. That site sells 1,000 Yahoo Mail accounts for $35, or roughly 3.5 cents per verified account. Contrast that with the price of Gmail accounts, which is $150 for 500 accounts, or about 30 cents per account.