Avatar

Takedowns of prolific spam botnets, such as Rustock in 2011 and Grum in 2012, had a substantial effect on reducing overall global spam volumes. This, combined with diminishing returns for spammers sending via bots, had left many email recipients basking in the comfort of (mostly) clean inboxes. No doubt this downward trend in global spam volumes also saved countless dollars that would have otherwise been frittered away on phony university degrees, suspect weight loss products, and erectile dysfunction medication.

Unfortunately, however, the good times seem to be coming to an end. Spam volumes have increased to the point that spam is now at its highest level since late 2010. Below is the graph of global spam volume as reported by Cisco SenderBase. From June 2013 to January 2014, spam was averaging between 50-100 billion messages per month, but as of March 2014 volumes were peaking above 200 billion messages per month–more than a 2X increase above normal.

Screen-Shot-2014-05-01-at-5.58.32-PM

Cisco isn’t the only organization noticing the increase in spam volume. Several other organizations that are in a position to track trend data also published similar looking graphs. For example, below is a graph of the past three years’ total spam volume as reported by the Composite Block List (CBL). In fact you have to go back all the way to October 2010 to see comparable spikes in volume.

totalflow-threeyears

When spam volumes increase globally, we all notice the additional spam hitting our inbox. For example, imagine an anti-spam filter that is 99.9% effective at stopping spam. If spammers send 1000 spam messages, the filter should successfully banish about 999 of them to the spam folder, but one of the spam messages will inevitably pass through to the inbox; no filter is perfect. Now imagine that instead of sending 1000 spam messages, the spammers send 2000. The amount of spam in the inbox will have just doubled too! This is a simple example, but it illustrates the effect increased spam volumes have in the real world. While we haven’t reached the record levels of spam seen during the heyday of spamming botnets, increases in spam volumes can be problematic nonetheless. With this increase, organizations should also understand that the extra unsolicited email could obscure more threatening emails like spearphish.

At Cisco we are constantly devising new and clever ways to put the kibosh on spam. As a result of our efforts, Cisco Anti-Spam technology continues to be one of the most effective ways of filtering unwanted email from your inbox, providing the best possible protection to “ride out the storm.”



Authors

Jaeson Schultz

Technical Leader

Cisco Talos Security Intelligence & Research