Spam Levels Largely Unaffected by Botnet Takedown
Written by Sue Walsh on September 3, 2012
About a month ago the infamous Grum botnet was brought to its knees. The massive botnet was responsible for 1/6 of all the spam hawking fake Viagra and other such drugs. You’d think the takedown would have sent spam levels plummeting and be considered a great victory in the fight against spam, right?
Spam levels haven’t wavered a bit, and less than a week later spam levels had returned to pre-takedown levels. Security experts say it’s likely a group of smaller botnets has taken over. These days size doesn’t seem to matter to spammers; in fact, it can be a hindrance. Large botnets are easier to trace and blacklist than smaller ones. The more difficult a botnet is to trace, the easier and faster it can bounce back after a takedown attempt.
Spammers now rely on command and control servers scattered among IPs around the world so that if one block is taken offline, there are plenty of others waiting to take over. While spam levels have dropped since 2008, that doesn’t mean spam is going away. It just means spammers have begun valuing quality over quantity. They craft carefully targeted campaigns now instead of just casting a wide net and hoping to snare a few unsuspecting recipients. They are even crafting spam messages in perfect English and with formatting that makes them look incredibly legit, knowing that badly formatted messages riddled with grammar and spelling errors are a red flag and more and more likely to end up in a junk folder.
Spam is here to stay, and we’ve got to keep one step ahead of increasingly sophisticated spamming techniques.