Comments on: Spam Volumes: Past & Present, Global & Local

By: AlphaCentauri

AlphaCentauri — Mon, 21 Jan 2013 12:12:04 +0000

Yeah, I’m talking about email accounts without spam filters … though in my experience, it usually isn’t hard to filter for advanced fee fraud, since the spammers have poor English and tend to copy/paste other spammers’ templates.

By: JCitizen

JCitizen — Mon, 21 Jan 2013 07:11:10 +0000

My account usually has little spam anyway; but has actually been worse lately! Funny thing is, on the junk account I used for zero day threats, they have actually reduced.

Go figure.

Perhaps the spammers have figured out how to do more with less. They’ve been smarter.

By: AlphaCentauri

AlphaCentauri — Sun, 20 Jan 2013 00:38:28 +0000

Spamit was known for high volumes of spam, multiple copies to a single email address several times a day. Knocking out that one sender would have had a major effect.

Right now, most of what I get is advanced fee fraud, malware/phishing, replica, and joe jobs. Pharma has dropped dramatically.

By: Alexander Trust

Alexander Trust — Wed, 16 Jan 2013 23:34:02 +0000

Has SPAM really decreased? I think that there are a lot of different channels SPAM ist spread and not only email. Would be interesting if you’d compared those results with let’s say spam showing up at Facebook, Twitter, comments in blogs and bulletin boards and so on. Maybe that email spam isn’t that effective any longer and so they switched their platforms?

By: Fernande Auls

Fernande Auls — Wed, 16 Jan 2013 17:32:21 +0000

test comment

By: SpamIsLame

SpamIsLame — Wed, 16 Jan 2013 16:59:40 +0000

The bigger issue with Yahoo besides the layoff and general lack of any leadership whatsoever is that they took the step over the last year to completely stop any inbound reporting of things like Nigerian scammers abusing Yahoo accounts.

Yahoo used to have a really responsive abuse team, and they would accept abuse reports via email or via some pretty straightforward abuse reporting forms specific to Nigerian abuse and other types of online criminality.

Starting in early 2012, they instead made sure that the net result of any attempt to even *find* where to report this activity to Yahoo abuse ended with instructions on how to flag these messages as spam, instead of any method whatsoever that would lead to someone at Yahoo shutting down the offending accounts.

The last of the forms that Yahoo had that *would* report this activity, they shut down in December 2012, making it pretty clear: Yahoo just doesn’t care to do anything about criminals who rampantly abuse Yahoo Mail in any way.

In many, many ways, I (and I know I’m not alone) really do wish that Yahoo would have been sold off when they were still worth buying, because whoever bought them would hopefully address this long-standing issue. Now I really just wish they would have gone bankrupt. Nobody is home at their abuse departments, if they even exist.

Assuming ex-Google, new CEO Marissa Meyer actually is in a position to turn that ship around, she (and her team) definitely need to address the damage this has done to Yahoo Mail’s reputation internationally. As only one example, Gmail’s spam filters routinely block all Yahoo Mail domains because (for example) “Mail from Yahoo.cn has been found to be fraudulent in nature.” This is what your spam filter will tell you when they do this. The domain itself is now seen as fraudulent.

Great report. Hopefully this volume will go down even further in 2013.

SiL / IKS / concerned citizen

By: Barry

Barry — Wed, 16 Jan 2013 12:46:45 +0000

Why are we still using an ancient protocol that not only allows but encourages spoofing and has no verification of sender?
If we want to reduce spam we really need to change email protocols globally.

By: Wojtek

Wojtek — Wed, 16 Jan 2013 08:13:15 +0000

Thanks for the article, very informative.

A statistics note: the linear regression on the Cloudmark spam graph does not make much sense as there is no particular reason why the trend should be linear. It can give a false sense of trending while the trending may not even be there.

By: na

na — Wed, 16 Jan 2013 05:58:50 +0000

Oh Brian… you should talk to Spamhaus in another 30 days, expect fun things to come.

By: Uzzi

Uzzi — Wed, 16 Jan 2013 03:03:55 +0000

> X-Originating-IP: [151.56.216.153]

This is not a Yahoo mailserver…

http://whois.domaintools.com/151.56.216.153
:
inetnum: 151.56.0.0 – 151.56.255.255
netname: IUNET-BNET56
descr: IUnet
descr: Via Lorenteggio 257
descr: Milano, I-20100
country: IT

… but an italian dialup range according to Spamhaus.org and the responsible provider:
“151.56.0.0/15 is listed on the Policy Block List (PBL)”
http://www.spamhaus.org/pbl/query/PBL177375