Proofpoint: Security, Compliance and the Cloud

January 10, 2011

Spam Volume Makes a Comeback after Holiday Hiatus

Proofpoint-Spam-Returns-January-04-11-thru-January-10-11 From the "Hate to Say I Told You So" department...

As they say, all things come to an end and, as expected, the unusual lull in spamming activity between Christmas and the new year seems to have come to an end early today.

See the chart at left (click for larger view), which shows hourly message volume observed by some of Proofpoint's spam traps over the last two weeks. As if spam has returned to work from a long holiday break, volumes have been sharply rising this fine Monday morning to levels similar to those observed before the 12/25/10 "vacation."

Hourly spam volume has roughly doubled from the spam baseline observed over the holidays and is also back to showing the usual "spikey" behavior we see from spam campaigns.Proofpoint-spam-returns-quarantine-Jan-10-2011 My friends over in the Proofpoint Attack Response Center confirm with me that this is "a resumption of previously seen traffic patterns." 

In my previous post, I shared one of my unusually barren spam quarantine reports for one of my email addresses. The funky little image at right is today's situation...

As you can see in today's screen capture of the Proofpoint Enterprise Protection quarantine digest from the same account (click for larger image), there's roughly 3 times the amount of messages hitting that account today as last week.

The messages here still seem pretty heavy on pharma spam, but there are a few items that are possible phish, also a larger number of Asian language messages. As with last week, even though volumes have suddenly increased, Proofpoint is doing an excellent job of detecting, scoring and quarantining the new messages (aside: did you know that you can always see Proofpoint's current anti-spam effectiveness on our site?).

Not too much else to say about this right now except that it really does look like one (or maybe several) of the top spam senders took a holiday vacation and are now back at it on the second Monday of the new year.

While other botnets may have taken a hiatus as well, it does seem that the Rustock botnet is back to its spam-sending ways (as reported by The Guardian).

TrackBack

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Interesting. I never thought things were like this. But, I guess you're right:)

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Archives

Blog Search

Email Security Gateways, 2012

Magic Quadrant

Tweets

What people are saying right now about us.

©2012 Proofpoint, Inc.
threat protection: Proofpoint Enterprise Protection compliance: Proofpoint Enterprise Privacy governance: Proofpoint Enterprise Archive secure communication: Proofpoint Encryption