Spam Levels Plummet as Host is Shut Off

Worldwide levels of spam plummeted earlier this week after two Internet service provioders cut service to McColo Corp., a firm estimated to have been responsible for as much as 75% of the world’s spam on any given day.

Estimates put the drop anywhere between 40% and 75%.
Global Crossing and Hurricane electric shut McColo off after months of research by Internet security experts and Washington Post technology writer Brian Krebs, who broke the story.

Ironport Systems reported a 60% drop after McColo was taken offline, but warned that the dip would probably be temporary as the spammers would likely soon find other hosts.

Deliverability consultant Laura Atkins, proprietor of Word to the Wise, said her ISP sources are also reporting a significant drop in the amount of spam they’re receiving.

“I'm hearing a lot of information from various sources showing a 30% to 50% drop in volumes through different measures,” she said. “This is reflected in my own spam volumes, too. Overnight collections have dropped from close to a thousand emails to a few hundred.”

McColo has been long tracked by Internet security experts who suspect it of hosting criminal spamming, phishing and child pornography operations.

HostExploit.com yesterday published a report dubbed McColo—Cyber Crime USA by a group of Internet security experts estimating McColo has been responsible or from 50% to 75% of the world’s spam.

The report charges that McColo hosted command-and-control servers for some of the world’s largest botnet, or armies of computers that have been hijacked by spammers remotely to send e-mail on their behalf without their owners’ knowledge.

The report estimates that one campaign originating from McColo stole financial information from 500,000 people.
Also, according to the report, McColo has provided services to at least 40 child-pornography sites and child-pornography online payment systems.

News of McColo’s shutdown comes two months after network provider Intercage, which was suspected of hosting spam, malware and other fraudulent activity, was disconnected by its providers.

As is suspected will be the case with McColo, Intercage's shut down resulted in a brief decline in the amount of spam worldwide. However, volumes returned to normal levels as the criminals found new hosts.

As of Thursday, McColo’s site was down.