By Neil Vowles, 12 August 2008 15:43
The amount of spam stuffed into UK inboxes has quadrupled over the past three months, according to figures from an anti-spam company.
The average internet user was targeted with more than 30,000 spam emails in the last three months, ClearMyMail claims.
Its spamming index said the worst hit were customers who had Orange as their ISP, where spam accounted for more than 96 per cent of all emails received between April and June.
Dan Field, managing director of ClearMyMail, pointed to growing broadband availability in the UK as a primary cause of the increase, as it enables phishing emails to be sent out in far greater numbers.
Field also identified the changing nature of spammers as a factor in the number and type of spam sent out. He said: "Spamming is now done by organised crime using local gangs who know how to target customers and how to make their spam look legitimate.
"The type of emails are now more dangerous. There are now more fraud emails rather than just spam offering you Viagra."
In response Orange said: "Orange takes email spam very seriously. We are an active member of the Messaging Anti-abuse Working Group and deploy a mixture of proprietary and third party anti-spam filtering software, which we provide free to all our customers.
"With any automatic filtering there is a danger of it identifying email that the customer actually wants to see. Therefore, we choose to tag the spam and deliver it to the inbox and make it a choice for the customer to turn on their anti-spam settings, via their webmail, to deliver the tagged email to the junk folder."
Of financial services companies, The Royal Bank of Scotland was the name most used by fraudsters sending email, with nearly half of all phishing emails pretending to come from the bank.
Field said: "It tends to go in cycles who they target with gangs tending to target the banks with most publicity. They will go for the biggest banks because there's so many more customers who are likely to click on an email."
But an RBS spokesperson said: "This research simply doesn't reflect our experience, it's an unreliable snapshot and RBS didn't even feature in their previous table for quarter one of this year.
"We have developed significant security processes to protect against this type of threat, including sending more than two million card reader devices to our customers with the specific purpose of protecting them from online fraud such as phishing."
A fifth of UK spam is now generated within the UK, which, Field points out, is more difficult to identify as spam than emails generated from previous spam hotspots China and Russia.


Comments
There are 7 comments.
1. David Bradley
Too many genuine emails are now being blocked and not even seen by the intended recipient. Company domain names of many small businesses are being blocked wholesale with flawed processes that don't even allow the issue to be resolved. With 96% of spam caught and 4% of genuine emails not getting through that leaves the problem 'solved'. No emails = No spam.
2. Robert Howe
What irks me is the flood of non-delivery messages I get when my genuine e-mail address is used to spoof the spam 'from' or 'reply to' fields. I tried the setting to ignore mailer-daemon messages, but I stopped getting messages I needed too.
3. Byron Graham
How do we best deal with it? According to the experts it’s not going to be an in-house solution: that takes on all the spam into the company and saves it in a massive pit known as a “quarantine”, entailing management in the form of installing, patching, updating, maintaining – having to search for possible legitimate mail within.
Then of course there are SAAS solutions or more specifically the MSPs promising to scan mail before reaching a company’s mail server. Advantages: lower IT overhead in time, money, resources; gain an outsourced partner specializing in spam & none of the disadvantages mentioned above as with the in-house solutions.
Nearly every MSP is based on the same technology; they intercept the sender’s mail, store it to disk, send a confirmation back to the sender, scan the mail, and then send the mail to the recipient. There are only 3 problems with this technology: (1) mail is being stored to disk: privacy is being compromised & (2) Delivery guarantee, as you have not received a confirmation from recipient but the MSP you do not know how long that mail takes to deliver that mail or if it has been delivered at all & (3) Blacklists: anybody can be put on there by anybody and it can take up to 24 hours to be taken off.
Of all the solutions I have looked at only one does not operate in this manner as it carries an exclusive patent whereby mail is sent in 1 SMTP session to the recipient, mail is filtered in RAM & monitors bad IP behavior, refreshing every 6 seconds to determine if it’s a bad IP or not.
4. Malcolm Wilson
I have 4 email addresses, one of which is a Yahoo based one and even they seem to be getting overwhelmed by the amount of spam being sent. Despite having the provided spam filter turned on, just lately there has been a fair increase in the number of dodgy emails hitting my in-box with unacceptable and undisguised wording actually in the subject line. Being offered 15 million quid twice a day from some account manager in Africa and being asked to update my account details by banks/building societies I'm not even an account holder with is all marginally irritating but lately the mass of duplicated messages (120 copies of the same message on one weekend) is really getting me irked.
5. BillK
I have an Orange email account and they generously send me over 1,000 SPAM emails per day. About 50 per day are not flagged as SPAM.
They allow customers to block up to 100 specified domains, but this is clearly inadequate. I have suggested to their customer services dept that they should allow customers to globally block email with foreign domains, e.g. China, Romania, Russia, etc.
Their acknowledgment said they would forward the suggestion to the appropriate department.
(Probably the round green one under their desk). :)
6. James White
The best way to deal with it is block port 25 on all home user ADSL/cable lines and only open on request. That way, bot infected machines can't send out spam!
7. anonymous
It seems to me with the advent of and wide adoption of XML protocols there is the opportunity for an innovative anti spam organisation to promulgate spam identification protocols for the SW vendors such as Norton, McAfee, Kaspersky and Intego (for the Mac addicts) to adopt along with the network operators and ISPs.
Given that most anti-spam software can learn what users identify as spam this could be transmitted back to the ISPs and networks via an xml message who could trap spam at source or at least when it enters their network domain.
My ISPs allow me to set filters at the webmail level but the issue from a usability perspective is that I have tools such as Outlook, Entourage etc. locally to access mail accounts. It is frustrating having to spend time on webmail setting up anti spam rules manually when I have automated spam filtering on a local machine. Why can't the two systems talk to each other via xml at a minimum? That is a service I'd pay extra for.
This approach would have an advantage for the ISPs and Networks that there would be significantly less bandwidth used on unwanted email traffic routed round the backbone systems.
ISPs or network addresses that consistently allow spam could be blocked from backbone services.
I know there are Bot networks sitting out there using unsuspecting users' machines for bulk emails but the majority of these have some sort of embedded web link so that should they hook someone they can engage with the customer.
Based on communications with one of my ISPs the issue seems to be one of will in the market place rather than any real technical restriction other than the availability of a common standard.
It really annoys me using my mobile internet connection to download spam in such volumes as I receive. It means I have to pay for significantly more capacity than I actually need.