Cisco claims spam drop is here to stay

Cisco has said that 2010 will be marked down as the year that "the tide turned" in the seemingly never ending battle against spam, with levels dropping by as much as 90 per cent.

The bold claim comes as Cisco launched its 2010 Annual Security Report, which found that global spam volumes dropped from a high of around 300 billion a day in August to as low as 30 billion at the end of the year.

The number of unwanted emails sent in the UK during August was 517 billion, and this dropped to 108 billion in December, a reduction of around 80 per cent, according to senior Cisco security researcher Henry Stern.

The reason for these drops is a renewed focus by law enforcers on shutting down affiliate organisations like Spamit.

This particularly notorious affiliate dealt mainly with pharmaceutical spam, but they all share the same business model, providing spammers with the e-commerce infrastructure to sell the spam products they promote and paying the spammers commission for every referral.

"It's been quite successful so far," said Stern. "If we continue to target them the problem will be considerably reduced."

Going after these affiliate programmes has also been an effective way for law enforcers to get to the botnet masters. The alleged mastermind behind the Mega-D botnet is likely to have been tracked down by analysing the financial records of affiliates, said Stern.

"It's entirely possible that new programmes will be created [when others are shut down], but law enforcers have decided that these are the low hanging fruit, " he added.

"We can solve more of the problems by going after the affiliates rather than taking down individual spammers. Money is a lot easier to track than network traffic."

The report also warned of an increase in rogue applications on smartphone apps stores, especially targeting Android and iPhone, but Stern praised social networks for taking great strides to reduce the risks on their sites.