When it comes to the problem of outbound spam, one of the experiences I have had, and this was reaffirmed at TechEd, is that the number one source of compromised accounts is educational institutions. That is to say, whenever we have an outbound spam problem and have to hunt down where it is coming from, the largest share of these accounts are phished accounts/credentials belonging to users at an educational institution.
Why is this? Why does so much spam originate from universities? Why don’t we see the equivalent in the corporate world?
I don’t know the answer. However, I will put forth a couple of theories:
None of these explanations is really satisfying to me. It’s possible that it is a combination of the three of them, and also others that I have not heard of.
The fragmentation of the networks (balkanisation), where Engineering (and other Science) depts. have their own networks and do not come under the control of the Uni IT dept. This is for various reasons, mainly budgetary and historical (they had computers first, etc.), and this means that the EDU domains have no one team in charge.
PS: At least this is generally the case for the UK. I assume that the US is similar.
Love the blog, I got here by way of CircleID. That being said... I've been doing some heavy research (amateur) into the stats we have recently discovered here at ESET and with the Securing Our eCity program. It appears that there are some other factors which I'll be publishing blog articles on in the very near future. First of which - there is definitely some sort of educational tie-in. We show in one nationwide survey that there is a precedence for more educated people (Masters, PhD) to be victims of cybercrime at nearly TEN TIMES the rate of high school grads. Recent data I've been poring through focuses on the doctorate level and what role the mobile life of a doctor / tertiary-educated person might be playing in this.
Other theories which some of the other researchers put forth were: "Educated people - that's where the money is" and "this can't happen to me" attitudes which might be prevalent within academia. But... all of those are simply guesses.
Can't wait to grab the data for those. Feel free to ping me over on my blog and I'll send you an email when it's posted.
First of all I want to say that you have a great blog and I enjoy reading it. However I would really love if you could rephrase the following part: "all sorts of nefarious things (bit torrents, shareware, etc)".
BitTorrent is a protocol, so there isn't any inherent link between its use and the nefariousness of the things downloaded with it. Check out for example http://www.clearbits.net/ (and you will find much more than just Linux distros, I assure you).
Also, most (almost all?) shareware isn't nefarious either. There is a lot of great software distributed as shareware which made Windows what it is today (Total Commander, WinZip, Paint Shop Pro, ...).