The Eerie Quiet of your Junk Folder
Spam volumes on the Internet are down on this time last year. Great news, we can all relax and stop worrying about our Junk or Quarantine folders or that missing million dollar order that might he hiding therein.
Brian Krebs wrote a great piece on the take down of the most prolific botnets, which is thought to be the main cause of drought in spam. It's certainly true to say that since the likes of Spammit, Rustock, Coreflood, Pushdo and Bredolab have been knobbled the output of spam has been noticeably less.
Less spam is great news, but I'm worried. I suspect this eerie quiet in our spam and junk folders is a false sense of security, and one that is waiting to draw us into a more evil and harmful place.
Think about it this way. You're a spammer...
Imagine you've been spamming people since 1997, persuading them to buy penny stocks, herbal enhancements and more recently fake AV products. You've been getting frustrated at the shrinking rate of return on your efforts, for the billions of spam messages you send you're only seeing a 0.002% return or even less; mind you, at $30 for a bottle of those fake-little-blue-pills that's still a few million dollars.
Why the decline? Well because we the vendors, are doing a better job of detecting and dealing with spam. Giving customers a 98% anti-spam SLA means we're confident we can keep that junk and rubbish out of their inboxes. The same is true for personal or webmail accounts, providers are simply getting better at protecting users.
Then just when you thought things couldn't get much worse someone shuts down your botnet, or the FBI takes away you hosting provider. Bad day at the office?
This is why I am worried...
Given the business challenges the spammers face today it's no surprise we're seeing a decline in the volume of spam. But are we? The figures we're looking at here are related to spam volumes delivered over SMTP based email, and those have been on the wane for some time. The recent precipitous drop makes me feel uneasy about the spammers new business models. You might be surprised I'm using the word 'business' in relation to spammers - don't be; this is their business, they have offices, employees, health-care plans, support lines and staff retreats just like everyone else.
These business models embrace all the latest social media trends. Spammers are simply jumping on the new mechanisms we're using to communicate, social media gives them everything they need and in many cases an even more targeted audience who are trained to 'like' the same things their peers do.
The deeper impact of this switch to less well evolved communication channels, is that the classic AV and AS protections deployed at the corporate gateway are fast being made redundant. Their rules unenforced, their quarantines empty. The threats they protect against are getting onto the network via other means that in many cases are far less well protected. The point is that the spam isn't going away, it's just changing and adapting to the marketplace; the users might be breathing a sigh of relief when they look at their inboxes, but I can guarantee you they're not doing the same elsewhere - Try tweeting the word mortgage or loan and see what happens.
The old money was SMTP email based spam, but just like everything else in corporate IT consumerization is taking over; spammers & scammers are simply keeping up with the trends.