Bulgaria, Spampion of the World

Sophos Labs has just published its latest quarterly Spam league tables. Covering April, May and June of 2014, this is a period when some of the most important events in the sporting calendar take place including the run up to the Commonwealth Games, Wimbledon tennis and of course, the World Cup.

Sophos measured which computers in the world sent the most spam in this time and turned the measurements into a pair of league tables. In keeping with the sportiness of this time of year, it dubbed the tables the Spampionship charts. There are some surprising findings. The US is the world’s most prolific spam relaying nation, but, measured by population, they come in at twelfth place. The dubious honour of most spammed, calculated by measuring the volume of spam per head of population, goes to Bulgaria, which has just replaced Belarus in first place.

What does this all mean? If this was indeed a competition, what sort of conclusions would a panel of pundits draw?

The most obvious observation to make is that it’s too early in the season to make judgments. There are so many different variables in this game, as a pundit might say. The nature of the spamming needs to be examined. Some of it involves accidental fouling (where a computer owner unwittingly allows their machine to be taken over and used by a rogue element). This is a yellow-card offence surely. In defence of the American consumer, they have probably been targeted by overseas attackers by virtue of being one of the world’s richest nations, which means they have the most computers. This is a theory that might be backed up by the fact that Luxembourg (which has the highest income per capita in the world) also figures very highly in the spamming league table and has done for the last three years.

What is less forgivable is deliberate spamming of other machines, where the machine is the originator of the malware that spreads across the globe. That really is a red-card offence.

It is here that the statisticians seem to have let us down a little. (“They’re going to be disappointed with themselves” as the commentators might say). A more detailed breakdown of spammers, by intention, might be more useful than by income or per head of population.

The problem is that spamming, like many sports, is becoming increasingly complex and sophisticated. Some play what sports pundits might call the short-ball game (and what criminologists have historically classified as ‘the short con’). This involves instant small-scale, unambitious malevolence, such as getting code into a host computer and using it to rack up clicks on adverts, or to post recommendations.

Much nastier are the long-ball tactics (long cons), where keystrokes on target computers are logged, or files on the machines are ransacked for details of financial transactions, or where the PC is used as a proxy for hiding someone else’s nefarious actions.

All these acts, in their varying degrees of malevolence, are lumped together in the study as spam, so it’s hard to draw too many conclusions.

Still, for the purposes of entertainment, we should note that

Switzerland has come from way behind (having been no higher than 20th in the previous three quarters) to put itself in bronze-medal position in the spam relaying by population stakes. France and Italy are making an appearance for the first time in the past year. Italy has been at the fringes of the Top 12 (14th) before, but France has been no higher than 27th.

The Bahamas and Macau dropped out of the charts to be replaced by Iceland. Spam notoriety is clearly transient and seems to be controlled by forces that haven’t been documented thoroughly.

The one certainty we can say is that you should never write off the Germans – but that’s because they are naturally cautious and disciplined, and unlikely to allow their machines to be insecure.

We are all guilty of doing too little to prevent outbreaks of spam. That is a lesson we must digest. As the sports pundits might say, when it comes to spam, we are going to have to step up to the plate.


Nick Booth worked in IT in the UK’s National Health Service, financial services and The Met Police, witnessing at first hand the disruptive effects of new technology.




« Top Tips: More Responsible Information Management


eCourts: Justice Pending in India? »
Nick Booth

Nick Booth worked in IT in the UK’s National Health Service, financial services and The Met Police, witnessing at first hand the disruptive effects of new technology. As a journalist and analyst, his mission is to stop history repeating itself.

  • Mail


Do you think your smartphone is making you a workaholic?