Project Honey Pot Receives Its Billionth Spam Message

Project Honey Pot is a side project by Unspam Technologies, and “gathers statistics on Internet robots and the spammers who sometimes use them to steal email addresses”. As I understand it, they work with website publishers to serve up fake, unique email addresses on web pages. Spammers’ bots discover these email addresses and start directing spam email at them. When they do, the project gathers information about when and from where the spam originated.

Apparently they then “work with law enforcement authorities to track down and prosecute spammers”. If they do, they ought to put some success stories on their website. I see value in the data collection, but I’d see more value in fewer spammers in the wild.

In any case, they just tracked their billionth spam message:

The message…was a United States Internal Revenue Service (IRS) phishing scam. The spam email was sent by a bot running on a compromised machine in India (122.167.68.1). The spamtrap address to which the message was sent was originally harvested on November 4, 2007 by a particularly nasty harvester (74.53.249.34) that is responsible for 53,022,293 other spam messages that have been received by Project Honey Pot.

They’ve published a bunch of statistics about the data they collect. A few highlights:

• Monday is the busiest day of the week for email spam, while Saturday is the quietest.
• Malicious bots have increased at a compound annual growth rate (CAGR) of 378% since Project Honey Pot started.
• It takes the average spammer 2 and a half weeks from when they first harvest your email address to when they send you your first spam message, but that’s twice as fast as they were five years ago.

I’ve said this before, but, thanks to Gmail, my email spam problem has nearly disappeared in the past couple of years.