SpamRATS

Statistics

Here are some statistics that you may find interesting. If you have any other suggestions for statistics that you'd like to see, feel free to contact us.

Invalid User Traffic

The following graph represents the volume of traffic attempting to send email to email addresses that do not exist.

Invalid User Traffic Volume

There are many legitimate reasons an email could be sent to an invalid user, such as a typo being made in the email address. However, when it comes to high volumes this could be an indication of more a deliberate intent. For example:

  • Spam Campaigns where bad actors send spam to as many potential inboxes as possible
  • List Washing where bad actors acquire a list of email addresses and attempts to 'clean' the list by testing all the addresses in that list
  • Probing where bad actors look for valid email address by guessing usernames for each domain

Each column on this graph represents one week's worth of activity.

Authentication Attack Traffic

The following graph represents the number of unique sources attempting to perform authentication attacks (any form of password guessing attacks) by network.

Authentication Attack Traffic Volume

Nowadays, we observe that major cloud services are being abused more and more frequently for use in authentication attacks. We are just as surprised as you may be when looking at the source of these authentication attacks. The trend towards utilizing these cloud services for malicious attacks is concerning.

These cloud services do not provide any transparency as to who or what is behind the attack, leaving the targets and victims vulnerable. Even if you block one offending IP, another IP from that network will come knocking on your server's door. This provides a haven where threat actors can hide behind a service and remain anonymous while performing password guessing attacks.


Many thanks to our Sponsors, Subscription Holders, Users and Contributors.