1 Billion Spammers Served
Spam Insights Based on 1 Billion Messages
PUBLISHED: DECEMBER 15, 2009
We have combed through over 1 billion messages received from spammers over the last 5 years to pull out some interesting statistics. Any question you have about spam that you don't have the data to answer yourself, send it our way and we'll see if we can find the answer.
- When Project Honey Pot receives a message, how many messages does the rest of the Internet receive?
- It is impossible to know for sure, but based on estimates of spam volumes over the last five years, it appears that about 125,000 messages are sent by spammers for every one received by Project Honey Pot. In other words, over the five years we received 1 billion messages, spammers dumped 125 trillion spam messages on the rest of the Internet.
- What is the day of the week when the most/least spam is sent?
- The most spam is sent on Monday followed closely by Wednesday. The volume Saturday is about 40% less than the volume of spam sent on Monday.
- What is the time of day when the most/least spam is sent?
- 11:00 - 13:00 (GMT) is the heaviest time of the day for spam sending. 17:00 - 19:00 (GMT) is the lightest with about 58% of the volume sent at the peak time of the day.
- How many malicious bots are active on the average day?
- On an average day we estimate that approximately 389,000 malicious bots are active online. Note that this is not the number of infected machines, which is much higher, but rather how many of those infected machines is in use on any given day to send spam or commit other types of attacks. The number of active bots has grown at 378% on a compound annual basis. In other words, for the last five years the number of active malicious bots online has almost quadrupled every year.
- What is the most phished organization online?
- Over the past five years, Chase Bank has been the organization most targeted by email phishing scams received by Project Honey Pot. You're 9 times more likely to have received a phishing message from Chase Bank than Bank of America. However, in the last 12 months there has been a dramatic rise in the number of Facebook phishing messages, and the social network is on track to eclipse Chase in 2010.
- How many variations on the word "VIAGRA" have been found in Project Honey Pot's corpus?
- 956 (e.g., V1AGRA, V1@GRA, VIA6RA, etc.)
- How much harm does a harvester visiting my site do?
- You can expect to receive 869 spam email messages every time a harvester picks up your email address from a website online.
- Do spammers take holidays?
- The volume of spam drops approximately 21% on Christmas Day and 32% on New Year's Day. Saturday is the quietest day of the week.
- What country has the best/worst IT security practices?
- Based on the ratio of spam sent to anti-spam security professionals, the country with the best IT security practices is Finland. The country with the worst is China. The list of best and worst is available in the complete report.
- How long does it take a spammer to begin sending you messages after your email address has been harvested?
- 21 days 17 hours 17 minutes and 28 seconds. Spammers, however, are getting faster. In 2005, when Project Honey Pot began tracking their behavior, it took them 49 days 18 hours 54 minutes and 15 seconds.
- How much storage would it take to store all the messages generated by the top-20 spam campaigns of the last 5 years?
- Approximately 2.5 petabytes of storage. To give you some context, all the material contained in every library around the world is estimated to be less than 50 petabytes.
- Aren't spammers shut down fairly quickly?
- Not always. For example, 184.108.40.206 has been actively harvesting email addresses for nearly 4 years and 9 months; 220.127.116.11 is a Brazilian IP sending Chinese spam slowly but surely for over 5 years (its first message coming just a few days after the launch of Project Honey Pot).
Create an account to help Project Honey Pot track spammers and generate more statistics like these.