The spam market infrastructure

The current spam market has a well-defined structure. Different players offer each other services for collecting users’ addresses, searching for clients and providing mass mailing.

The spam market includes:

  • Suppliers of software, address databases and IP addresses;
  • Virus writers;
  • Spammers;
  • Advertisers.

Software vendors

Spamming software includes programs designed to harvest addresses from websites and forums (network spiders), programs to provide fast mailing, programs that check the validity of email addresses, and many other types.

The software required to distribute spam emails and the server that it is run on can be either bought or rented. It is not at all difficult to find advertisements on the Internet offering spammer software for sale or rent, because its authors do not usually hide their names.

Address collectors

This type of operator serves the spammers by harvesting email addresses for them and developing address databases. Address collectors use software that scans the Internet searching for addresses, and when it finds them, it checks their validity and then places them into a database. A variety of methods are used, for example, the theft of addresses from a service provider with the help of an insider, or the selection of addresses by means of different heuristic algorithms and so-called dictionary attacks.

Virus writers

Virus writers are an inseparable part of the spam industry. They create malicious programs that turn users’ computers into machines that distribute spam, so-called ‘zombie’ machines. By 2004, the majority of spam originated from infected computers bound together to form zombie networks.


Spammers can be divided according to their output:

  • Belonging to the top-ten major spamming companies;
  • One of the hundreds of small companies and individual professionals;
  • One of the thousands of amateur spammers (students, unemployed etc).

A stereotypical spammer is usually thought to be a technically literate, active and unprincipled young person.

Professional mailing services

Professional mailing services are groups of qualified people that use advanced software coupled with the latest spammer information for the purposes of mass mailing.

Amateur spammers

Amateur spammers include two categories – beginners and ‘honest’ spammers.

Beginners try to start their business using technically insufficient means. They buy a provider card and send out spam via a modem or a dedicated line. Mass mailing distributed by this method is not efficient and creates problems for the spammer, such as low mailing speed, outdated databases and the potential blocking of the account by a provider. Thus these types do not account for a big share of the total spam volume.

‘Honest’ spammers are most commonly company marketing staff. They use mass mailing for advertising purposes as it costs almost nothing. The addresses are usually taken from Internet sites and they give their true name and return address, which makes their identification easy.

Clients: who pays spammers?

Spamming is illegal in many countries and this is why it attracts criminals. Spam is extremely popular with those who sell pornography, fake medication and illegal software. Those that organise financial pyramid selling schemes and other fraudulent practices are also particularly interested in spam. Thus mass mailing has become one of the main tools phishers use for their malicious purposes.

In recent years, spam adverting the chance to make a profit from the shares of various listed companies has become more prevalent. This type of spam is therefore most probably initiated by those who gamble on the stock markets in an attempt to influence stock prices in their favour.

The situation in Russia is slightly different. The spammers’ services are often employed by representatives of small businesses trading in such things as electronics, spare parts, cars, legal services, tourism, medicine, etc in order to increase company turnover.


Spam and phishing in Q1 2018

The quarter’s main topic, one that we will likely return to many times this year, is personal data. It remains one of the most sought-after wares in the world of information technology for app and service developers, owners of various agencies, and, of course, cybercriminals. Unfortunately, many users still fail to grasp the need to protect their personal information and don’t pay attention to who and how their data is transferred in social media. Read Full Article


Tens of thousands per Gram

In late 2017, information appeared on specialized resources about a Telegram ICO to finance the launch of its own blockchain platform. The lack of information provided fertile ground for scammers: the rumors prompted mailshots seemingly from official representatives of the platform, inviting people to take part in the ICO and purchase tokens. Read Full Article


Every little bitcoin helps

It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail. Read Full Article


IT threat evolution Q3 2017

Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article


Spam and phishing in Q3 2017

In terms of the average share of spam in global email traffic (58.02%), the third quarter of 2017 was almost identical to the previous reporting period: once again growth was slightly more than one percentage point – 1.05 (and 1.07 p.p. in Q2 2017). As in previous quarters, spammers were quick to react to high-profile events and adapted their fraudulent emails to the news agenda. Read Full Article


Spam and phishing in Q2 2017

In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware. Read Full Article