This is just a random observation on my part, and I am wondering if anyone else has noticed the same where they are.
This weekend, maybe in part because it's a long weekend, I have had significantly less SPAM show up in my inbox than most other days.
Does this suggest anything? I am not sure, but I am wondering if many of the SPAMbots are office machines and not personal computers in people's homes.
Commercial or business settings will usually have bigger pipes (faster connections to the 'net) than the majority of HOs so the potential to spew out SPAM at a greater rate would be enticing.
Many organizations or companies with large networks (at least the three I have worked for with more than 5000 desktop computers) instruct their employees to log off but not shut down their computers so that they can push updates out to the machines using administrator rights which allow remote access to the computer. This means that if the computer is infected it makes no difference that the individual user has logged off because any malware, keyloggers, viruses, etc. will try to install itself as a service or with administrator rights and run hidden in the background. When you log off you don't shut these programs down or stop the service because they are not registered as belonging to your User ID/profile. This practice lets the overrun machine whirl away in the background during the day and during off hours use close to 100% of system resources to generate SPAM or whatever dirty work they choose to do.
So this being a long weekend I wonder how many people thought to shut their machines down altogether, thereby reducing the number of zombie computers running and consequently the amount of SPAM.
Now that you mention it, I haven't received a single email this weekend telling me that I have an ED problem and the solution to my problem is only a click away. :D
That's extremely unlikely. Most businesses that size will usually need at the very least a somewhat competitive IT department that will install and keep up to date virus/firewall/security systems. There are exceptions of course but at that size not taking care of that could easily grind a network to a halt.
Yes, that is all true. Any organization of that size would (and they all did) have an IT dept. How engaged they are and proactive is another matter. I've seen both models, done in-house and farmed out to a contractor like Keen or another IT company. At both I have seen problems but they do get addressed rather quickly. Still, your network is only as safe as the dumbest employee who visits an unsafe website or opens an email they shouldn't that slips past the filters of your email server or desktop AV software.
Originally Posted by Velosapien
Can you offer a suggestion as to why the SPAM appears to decrease then? I started this thread to begin a discussion and offered some possible reasons for what I have observed. Please feel free to put your own ideas forward if you have some.
Well I think it's really all just a matter of coincidence but you might bring up a point. The vast majority of spam zombies are home infected computers that don't know about it. If you really think about it, how many people do you know who are still running Windows 98, ME, XP without ever installing a single security patch since they first installed it 2, 3, 4+ years ago? I would also expect to find just about every single piece of shady junkware to be installed on those machines. The percentage of people who keep tight up to date system and security software is probably fairly small.
Originally Posted by Bob D.
If you want my idea as to why spam traffic might be less, I think taking a look around the web on holidays is a pretty clear indication. Notice sites are rarely updated, news nearly stops, forums rarely get posted on. Basically there's little of interest and traffic drops quite drastically until the work week begins again. People are out on holidays and many of those computers are turned off.
I would completely rule out the possibility of mega corporate zombie farms. While there certainly are instances of infection due to negligence or something completely out of anyone's control, it is hardly enough to account for any significant portion of the junk floating around. Most companies heavily monitor and restrict traffic since usually even a single infected computer is enough to cause a serious problem. The bandwidth out to the internet is also much smaller than internal intranets so having infected machines in a network can choke the pipe out to the net. It's not the kind of thing that typically goes unnoticed.