Spam and Scams Spread by Web’s ‘Bad Neighbourhoods’
Around 50% of all junk mail on the internet comes from just 20 internet service providers (ISPs), according to a recent study.
The study, conducted by a researcher in the Netherlands, surveyed more than 42,000 ISPs to help pinpoint sources of malicious email.
The extensive study was carried out to help computer security tools scrutinise the net addresses of email to help work out if they were legitimate or junk. This should help the security tools make better choices if they know the history of the types of traffic that emerge from specific networks.
Giovane Cesar Moreira Moura, who conducted the study as part of his dissertation at the University of Twente in the Netherlands found that some networks can be classed as ‘bad neighbourhoods’ as just like in the real world, they were places where malicious activity was more likely.
Of the 42,201 ISPs studied around 50% of all junk mail, phishing attacks and other malicious messages came from just 20 networks. Many of these networks were found in India, Vietnam and Brazil. The most crime ridden network he found was Spectranet in Nigeria. 62% of all addresses controlled by this ISP were seen to be sending out spam.
He also found that networks involved in malicious activity seemed to specialise in one area. The majority of phishing attacks came from ISPs based in the US, but in contrast the majority of spam came from Asian ISPs.
Mr Moreira Moura did point out however that malicious traffic coming from one source did not reveal its original source. Spam and other traffic can be routed through hijacked PCs or sent through compromised networks, hiding its original source.
The data collated will now help security tools avoid ‘bad neighbourhoods’ in the same way people avoid walking through certain parts of town.
Have you been affected by a ‘bad neighbourhood’? Let us know in the comments below.