We have been in stealth mode collecting and processing spam reports from #SURBL, #SPAMHAUS and #INVALUEMENT for over a year. Time to unveil the data at the Cybercrime Information Center!
What we found...
Spam campaigns are most often launched from malware installed on devices, servers, or cloud accounts. Spam begins with an Illegal access and misuse of device/software, which the Council of Europe Convention on Cybercrime lists as cybercrime (Articles 2, 6). Each spam message relayed thru the Internet from origin to recipients also constitutes a misuse/crime.
What's delivered is _rarely_ benign. From the data we collect, we determine that ~1M unique domains per quarter are reported for spam. These are most commonly registered in bulk. No one invests this cost and effort to send something benign.
There's a community that is willing to dismiss spam as a lesser threat based on the message content received, or the helpdesk complaints submitted by users who have no scientific method to corroborate their complaint.
The unvarnished truth: most spam is malicious and most is associated with one or more criminal activities.
Relevant links:
Spam activity is the landing page for all reporting https://www.cybercrimeinfocenter.org/spam-activity
You'll find links to quarterly spam reporting since September 2022 for #TLDs #registrars and #hostingnetworks here.
If you want to see more than the top 20 ranked operators visit https://www.cybercrimeinfocenter.org/records-repository
To give you a feel for the volume of data we've processed - and change over time, we collected 850,000+ reports in Sep-Nov2022. For the Jun-Aug2023 period we collected over 1,300,000 reports.
Comments
You can follow this conversation by subscribing to the comment feed for this post.