While the United States continues to be the world's worst source of spam, computers there are relaying far fewer junk emails than a year ago, according to Sophos.
In contrast, the spam volume from South Korea and China is substantially up, compared with the same period last year, the security software maker said in a report released on Wednesday. The report covered Sophos' analysis of messages received in its scanning network between April and September this year.
The US was the country of origin for around 26 per cent of global spam, down from 41.5 per cent a year ago. The share of spurious emails from South Korea and China, which held the second and third position, has gone up to nearly 20 percent and 16 percent respectively, from 12 percent and nine percent, Sophos said.
The company attributed the decline in US-sourced spam in part to the nation's crackdown against fraudulent email. In particular, Sophos pointed to jail sentences for spammers, tighter legislation and better system security.
Graham Cluley, a senior technology consultant at Sophos, said in a statement: "Efforts such as ISPs sharing knowledge on how to crack down on spammers, and authorities enforcing Can-Spam legislation, have helped North America thwart the efforts of spammers on their doorsteps. Some of the most prolific spammers have been forced to either quit the business or relocate overseas as a result."
The threat of punitive legal action has also worked in Canada, Sophos surmised, noting that the country's share of spam generation has dwindled to 2.5 percent, from more than seven percent last year.
Also helping the cause was the introduction of Windows XP SP2 a year ago, which has improved security. But "the worry now is that devious spammers will turn to other net-based money-making schemes, such as spyware and identity theft malware to make their dirty money", Cluley said.
Another revealing aspect of the study was the fact that more than 60 per cent of spam messages are generated by zombie computers, which are PCs that have been hijacked — sometimes without their owners knowing — through the use of viruses or other malicious code. This technique allows culprits to be in a different country from the innocent computers they exploit, Sophos said.
