When they turned off the lights off at McColo a few weeks back, the worldwide volume of spam dropped 65% in an instant.
And that’s not all according to the Washington Post, because McColo was also home to one of the most successful email harvesting operations in the world.
Illegal spamming operations are as dependent on an ever-expanding list of email addresses as they are on botnets, the fleet of compromised personal computers that spew out the spam in the first place.
Spam distribution lists are assembled by special computer programs that scour web sites for email addresses. Criminals in charge of the programs sell the addresses to spammers who use them both as destinations for their offers and as a sham source for them.
That makes the spam appear like it comes from actual people.
Security experts estimate that every email address captured by a special program like the ones hosted on McColo servers will likely receive 2,000 junk emails per year.
“Consider what this means for a single law firm that publishes the email addresses for its 50 attorneys,” Security guru Matthew Prince told the Post. “After the firm’s site gets crawled by the bots at McColo, that means the firm can expect to receive at least 100,000 more pieces of spam than it would have otherwise.”
Even though spammers have hundreds of millions of email addresses on hand, new email addresses are the lifeblood of their business. That’s because the percentage of people who actually buy anything from a particular spam solicitation is vanishingly small.
For example, University of California scientists who studied a particularly large pharmaceutical spam operation estimated that only 1 out of 12 million spam emails led to a money transaction.
That was enough to support revenues in excess of $7,000 per day.