Think of where your spam comes from and the usual suspects, according to most surveys of such things by the security and messaging experts, turn out to be the good old US of A, Russia and China which between them accounted for 33.8 percent of all spam in the last quarter of 2007. However, in a new survey by Sophos, the US is down in 64th place, Russia 45th and China 132nd. So why the big difference? Simple, this survey has looked at spam relaying in terms of the volume per capita rather than just the volume per se.

"Between October-December 2007, the US relayed far more spam than any other country due to the sheer number of computers in the country that had been taken over by remote hackers," said Carole Theriault, senior security consultant at Sophos. "But when measuring spam emitted per capita, the results are very different. Most of the countries in this chart have very small populations compared to the usual offenders, but their totals are sky high when it comes to spam emitted on a per-person basis. Just because your PC is located on a remote island in the South Pacific doesn't mean it's not contributing to the global spam problem. All computer users, wherever they are in the world, need to wake up to the threats and ensure their PCs are properly protected."

Well yes, contributing but not contributing that much in the overall scheme of things. Let's take the top of the spamming pops, the Pitcairn Islands. According to the latest July 2007 estimate, the total population is, wait for it, just 47 people. Sophos does not actually release the amount of spam, as a global percentage, being distributed by the Pitcairn Islander(s) concerned, but my hunch is that it won't be a huge figure.

The Sophos top ten for spammers based on the volume emitted per capita is:

  1. The Pitcairn Islands
  2. Niue
  3. Tokelau
  4. Anguilla
  5. Faroe Islands
  6. Monaco
  7. Bermuda
  8. Falkland Islands
  9. Andorra
  10. Aruba

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

Is this because the real spammers are there, or because the computers crackers have taken over are there?

The article starter has earned a lot of community kudos, and such articles offer a bounty for quality replies.