Takedowns of prolific spam botnets, such as Rustock in 2011 and Grum in 2012, had a substantial effect on reducing overall global spam volumes. This, combined with diminishing returns for spammers sending via bots, had left many email recipients basking in the comfort of (mostly) clean inboxes. No doubt this downward trend in global spam volumes also saved countless dollars that would have otherwise been frittered away on phony university degrees, suspect weight loss products, and erectile dysfunction medication.
Unfortunately, however, the good times seem to be coming to an end. Spam volumes have increased to the point that spam is now at its highest level since late 2010. Below is the graph of global spam volume as reported by Cisco SenderBase. From June 2013 to January 2014, spam was averaging between 50-100 billion messages per month, but as of March 2014 volumes were peaking above 200 billion messages per month–more than a 2X increase above normal.
Cisco isn’t the only organization noticing the increase in spam volume. Several other organizations that are in a position to track trend data also published similar looking graphs. For example, below is a graph of the past three years’ total spam volume as reported by the Composite Block List (CBL). In fact you have to go back all the way to October 2010 to see comparable spikes in volume.
When spam volumes increase globally, we all notice the additional spam hitting our inbox. For example, imagine an anti-spam filter that is 99.9% effective at stopping spam. If spammers send 1000 spam messages, the filter should successfully banish about 999 of them to the spam folder, but one of the spam messages will inevitably pass through to the inbox; no filter is perfect. Now imagine that instead of sending 1000 spam messages, the spammers send 2000. The amount of spam in the inbox will have just doubled too! This is a simple example, but it illustrates the effect increased spam volumes have in the real world. While we haven’t reached the record levels of spam seen during the heyday of spamming botnets, increases in spam volumes can be problematic nonetheless. With this increase, organizations should also understand that the extra unsolicited email could obscure more threatening emails like spearphish.
At Cisco we are constantly devising new and clever ways to put the kibosh on spam. As a result of our efforts, Cisco Anti-Spam technology continues to be one of the most effective ways of filtering unwanted email from your inbox, providing the best possible protection to “ride out the storm.”
Excellent read !
While I agree spam is increasing, that’s not the most interesting thing I see when I look at the Senderbase graph. The thing that is most apparent to me is that the delta between “Total number of emails” and “Number of spam emails” has increased dramatically in the last two months. This delta (the orange shaded area) should represent legitimate non-spam email. The graph would seem to indicate there are ~34.6B legitimate emails in April 2014, compared to ~24.3 billion legitimate emails in April 2013, and ~14 billion legitimate emails in January 2014.
I see two possible explanations for this.
1. Legitimate email really has increased 50% in the last year, and is more than double what it was four months ago.
2. On a percentage basis, Senderbase is not as effective as it used to be.
I would be interested to see reasons why the first point is true, otherwise I’m inclined to believe the second point is more likely.
A Concerned Ironport Customer
Your reasons for increased spam are valid. But, let’s take another look at it. What about the increased people who are unemployed and and are looking for ways to make money? Granted, those programs are spam in themselves but desperate people will look at just about anything to make a buck. With the world economy tanking, couldn’t that be a reason that there is an increase in spam?,
For those customers that might get concerned about Senderbase efficacy – have a look at following report : http://www.opus1.com/www/whitepapers/antispamresults2013.pdf
Thanks for being an IronPort Customer and for letting us know what is on your mind. As a former Project Leader of SenderBase.org I can definitely help you to answer your question.
That graph is a reliable estimate of overall worldwide email volume. However because we simply don’t see all of the world’s email traffic, when it comes to the relative percentages of spam and legitimate mail, it is still just an estimate. This graph is meant to indicate the bigger trends in global email volume, including this recent increase. The data in the global volume graph is unrelated to SenderBase Reputation efficacy.
Accurately estimating what the entire world sees in regards to spam and ham traffic is not a very easy task. 😉
on behalf of the average person out there, Thank you!
Comments are closed.