The current number one Global Comment Spamming block is currently awarded to Germany. Several IP addresses within the 109.230.192.0/18 CIDR block have allegedly accounted for tens of thousands of comment spam postings within the past several weeks.
Global spam problems have significantly increased during the first quarter of 2010, with a rise in snowshoe spam and an exponential growth in Botnet spam distribution.
Snowshoe spam, which rose dramatically during the final quarter of 2009, before tapering off in January, is now experiencing resurgence. Snowshoe spam is identified as a central point of spam origin, using a wide variety of IP addresses to cloak the span. These addresses are typically within a /24 range but may encompass much larger address blocks. In this type of operation the spam is spewed from a network, rapidly spanning through the IP addresses within the network, emitting spam in a wide footprint. The intent is to make the technique more efficient and more difficult to identify. Read more…
Email spoofing is on the rise. Country IP Blocks estimates that spoofing may account for more than 80% of all spam and malicious email traffic. Email spoofing is defined as the forgery of an email header so that the message has the appearance of originating from a source other than the actual source.
While any spoofed email is a problem, the problem becomes magnified when the spoofed email appears to come from an expected source. For example, company EXAMPLE has 100 employees and each employee has an EXAMPLE email account. If the company is using a program like SpamAssassin or other similar anti-spam software, they probably use a blacklist and whitelist to aid the spam filters. Company EXAMPLE may use a wildcard to blacklist *@EXAMPLE.com and then whitelist their legitimate email accounts, such as john_doe@EXAMPLE.com. The spam filters will give special consideration to email accounts appearing on the whitelist. Here is where a major problem may begin. Read more…