Five Predictions Regarding Spam in 2013

I don’t often like to prognosticate because like most people, I don’t want to be wrong. However in this case, the predictions I am making aren’t based in numbers and statistics; they are much less tangible.

Before we take a look at what is expected as we begin 2013, let’s take a quick look over some of the things we saw in 2012 as these are what I am basing my predictions on.

Spam Goes Down

One of the most significant stories of 2012 was the takedown of the Grum botnet in July causing a huge drop in the Spam Volume Index that hovered around 1000 early in 2012. Right after this army of zombie computers was dismantled, the index fell to below 200 for the first, and only, time all year.

Unfortunately by October the index was back up to around 800 before falling again and then spiking back up to near 600 around the holidays.


In 2012 dating and pharmaceutical spam accounted for more than half of all types of spam. According to reports, diplomas fell to below 1 percent and replica products dipped to almost 4 percent. Spam containing malicious links accounted for 6.68 percent of spam, phishing emails were .04 percent and messages loaded with malware were .01 percent of all spam emails.

And in 2013…

Using the aforementioned information as a foundation, we should expect the following in 2013:

Another Dip in Levels

With huge botnets like Cutwail and Lethic pumping out millions of spam emails a day it is only a matter of time before one of them goes the way of Grum or Rustock. Every year we seem to see the fall of one of the larger botnets and experience a lull in spam related activity. In 2013, one of these two will fall and make headlines loud enough for people to let their guard down. If I had to pick one of the two, I think that Cutwail will be more heavily targeted due to its ability to send spam and launch DDoS attacks.

More Spear Phishing

In 2011 profits netted by cyber criminals fell from $1.1 billion to $500 million when mass phishing was used as the attack method. This fall is usually attributed to botnets popular to phishers being taken down. However smart criminals have learned that by spear phishing, or targeting specific people/organizations, they can net higher profits with less of a chance of being stopped by anti-spam filters. This year, watch for more targeted spear phishing attacks, like the one against the White House, to make the news.

People Will Learn to Read Statistics

One of the worst things regarding security is statistics in the hands of the wrong people. In 2012 we saw the “spam levels plummet” headlines over and over again only to see the volume rise again shortly thereafter. What people often fail to understand is that A) when a botnet goes down so do spam levels – for a short time and B) the levels of spam that make up these statistics often represent the number of spam emails caught by anti-spam filters. All those pesky junk mail messages that sneak by and show up in your inbox aren’t counted. This year, people will start to understand these numbers and how we get them so that they are not lulled into a false sense of security.

Replica Product Spam Will Rise Again

The economy is growing stronger in the US, but people aren’t going to rush out and drop a few hundred dollars on a new bag or designer sunglasses when they can get a good looking replica for less than half the price of the original. People advertising counterfeit products will start some heavy marketing campaigns bringing this type of spam back up in to double-digit numbers.

A New Player Will Enter The Market

Spam sources usually bounce around from the same players: the United States, India, China, Russia and Brazil dominate. This year, however, look for an outsider to make a name for themselves. Since most spam originates from botnets it would need to be a country that has a high number of compromised host computers. Look for someone in Europe to jump into the game.

What about you? Let us know any predictions you have for this year in the comment section.

Written by Jeff


  1. Lisa S. · January 4, 2013

    I think we’ll see more spam from organizations and companies. There might be no important elections this year but in my opinion politicians and other organizations will get more active in email campaigns, which automatically means more spam. Companies, such as MsDonalds, Walmart, etc. are still low on the list of spammers but I think this is because they haven’t adopted email marketing to the fullest. In other words, a shift towards semi-legit forms of spam can be expected in 2013.

  2. Leila · January 28, 2013

    Based on the comments I read here, most don’t want to create a clear distinction between spam and phishing. As for me, I believe that phishing is definitely more dangerous than spam. In fact, I find spam more laughable these days because most of them now end up in the Junk Mail. Many spammers, moreover, still don’t learn, and they’re stuck with poorly written headlines and equally bad content. Phishing, however, needs more meticulous eyes and a more effective gut feel. I’ve almost fallen for it twice! The fake e-mail just sounds and looks like the regular mail I received from these companies.

Leave A Reply