US wins ‘Spampionship’ for most spam emails sent

23 Jul, 2014 20:20 / Updated 10 years ago

The United States sends more spam by volume than any other country in the world, while Bulgaria emails the most per capita, according to a new tally by security company Sophos. The report covers the second quarter of 2014.

The US has placed first in Sophos’ dubious “Dirty Dozen Spampionship,” which looks at the top spam-producing countries in the world, for the last four quarters. The US sent 24.2 percent of the world’s spam in the past three months, with France sending just 6.7 percent, China 6.2 percent and Italy 5.2 percent, according to the company’s data.

Playing off the popularity of the 2014 World Cup and the upcoming Commonwealth Games, SophosLabs created two league tables to show off the results of its study. “Just as the soccer World Cup reminds us that football is the ‘World Game’, because it's played so keenly in so many countries, we hope the Spampionship Tables are a reminder that spam is a global problem that affects us all,” the company wrote on its Naked Security blog.

"The US tops the 'by volume' charts, simply because it has a large population and the bulk of the world's internet Infrastructure," said Paul Ducklin, security expert for Sophos, wrote in the blog post.

Because of the population disparity between the countries of the world, the company also looked at the amount of spam sent per person in each country (with a population of at least 300,000), normalized against the size of the US. In that ranking, Bulgaria tops the charts, while the US drops down to 12th place in the ‘Dirty Dozen’.

“Simplifying greatly, the average computer in a country that weighs in at two times the spam-per-person of the US probably has about twice the chance of being infected with malware,” explained Ducklin. “Similarly, if computers in your country are, on average, twice as well protected (and your users twice as cautious) as in the US, you'd expect to show up with a spam-per-person rate of 0.5 times the US figure.”

Sophos notes that the amount of spam sent does not equate to the amount of cybercrime occurring in a country. An computer infected with malware that spews spam at the will of cybercriminals can also be used to steal online names and passwords, downloading more malware, acting as a proxy for other criminals, attacking other people’s websites or other nefarious activity that the computer’s owner has no control over.

“The vast majority of spam is sent unsuspectingly from computers infected with malware, so that if you aren't careful, you may end up being part of the problem,” Ducklin wrote. “We do want you to remember that almost all of the spam that SophosLabs receives in its spamtraps is there with the help of someone who slipped up with their security.”

The company recommends updating anti-virus software and thinking before clicking on links, downloading files or opening email attachments.