Last week, Sophos released a blog post on the top 12 countries that relay spam during the first three months of 2012. Their summary:
I decided to compare Sophos’s list with our list during the 1Q 2012. I don’t know how Sophos compiled their list, but here’s how I did mine:
So without further ado, here’s a comparison of the two lists by the total amount of spam that we saw from each country. The numbers in parentheses in Sophos’s list are where that country ranked in our list:
You can see that countries like India, the USA, Indonesia, Brazil and Pakistan are roughly the same between Forefront and Sophos. But Sophos’s numbers vary wildly for South Korea, Taiwan and Peru.
But is total number of spam the best way to denote that a country is spammy or not? After all, skewing the US simply represents our customer base. What percentage of mail does that country send that is marked as spam? The proportion of mail that a country sends that is spam is a better indicator of its spamminess. Here’s our top 12 list again by total spam messages, but now showing the percentage of spam:
Going by this, developing countries like India, Indonesia and Pakistan blow right by the US, the UK, France and Germany. If we order by spam % and adjust for minimum amounts of spam, how does the list look?
This switches things. While countries like the US, Canada and the UK all make the list for the most spam sent, it’s because the total Internet population is so large and they account for so much Internet traffic and email in general.
However, in terms of the rate of spam, none of the developed world makes the list. Instead, countries like Belarus, Indonesia and Vietnam are sending way more than their fair share of spam. If you look through the list, every single one of these countries is in the developing world. It’s clear that spammers have greater success compromising computers in nations where the infrastructure is not as developed.
What about the cleanest countries? What do they look like? Here’s the list:
This list is populated by northern Europe as usual. Northern Europe, for as long as I have been investigating these statistics (for spam and malware) has always been a model citizen. Japan and Singapore are similarly good (they are the only two far east Asian countries that are). But what surprises me about this list is Oman and the United Arab Emirates. These are not countries that you typically associate with the developed world.
In the case of the UAE, they have a very high rate of immigration (one of the highest in the world according to the CIA World Fact Book and depending on the source you consult, are classified as having a high human development index) and my theory is that all of the skilled workers are the ones with Internet connectivity. Since they are skilled workers and have a lot of IT experience, they are very good about keeping their computers patched and up-to-date. Their places of work will probably have policies around computer security.
Regarding Oman… I admit I am pretty clueless about Oman although the country is made up of 1/6 non-nationals so maybe their situation is similar to the UAE regarding skilled workers. The fact that they made this list was very surprising to me. I have to go back and look at my script that does IP/country assignment and see if maybe I have to update my tables.
Anyhow, that’s my list of the top countries that are sending spam and how it compares to Sophos’s list.
Hie,the spam from USA,UK and Canada is mostly from proxies used by people from Asian countries like India