Monthly Archives: December 2009

Project Honeypot

A couple years ago I signed up for Project Honeypot, which is a distributed network of fake email domains set up to catch spam for research purposes. All I had to do was create a subdomain off of a domain I already had (I didn’t use any WOU resources for this) and set it up to point to the Project Honeypot servers, and then forget about it. They don’t even need access to my site or anything.

So anyway, I hadn’t thought about this in a while, but this morning they sent me a notification that they’d caught their one billionth spam message (which happened to be an IRS phishing scam, in case you’re curious.) They also included some statistics (Quoted from their email:)

  • Monday is the busiest day of the week for email spam, Saturday is thequietest
  • 12:00 (GMT) is the busiest hour of the day for spam, 23:00 (GMT) is the quietest
  • Malicious bots have increased at a compound annual growth rate (CAGR) of 378% since Project Honey Pot started
  • Over the last five years, you’d have been 9 times more likely to get a phishing message for Chase Bank than Bank of America, however Facebook is rapidly becoming the most phished organization online
  • Finland has some of the best computer security in the world, China some of the worst
  • It takes the average spammer 2 and a half weeks from when they first harvest your email address to when they send you your first spam message, but that’s twice as fast as they were five years ago
  • Every time your email address is harvested from a website, you can expect to receive more than 850 spam messages
  • Spammers take holidays too: spam volumes drop nearly 21% on Christmas Day and 32% on New Year’s Day

You can find lots more here.