Project Honey Pot: 1 Billion Spammers Served

image One of my fav service providers, Project Honey Pot is a community of tens of thousands of web and email administrators from more than 170 countries around the world who are working together to track online fraud and abuse. The Project has been online since 2004 and each day receives millions of email and comment spam messages which are catalogued and shared with law enforcement and security partners.

If you run a website, own a domain, or contribute to an online forum you can join Project Honey Pot or at the very least check them out. I’d like to highlight their “1 Billion Spammers Served” post and recommend that you read it.

Our 1 Billionth Spam Message

Dec 15, 2009

imageOn Wednesday, December 9, 2009 at 06:20 (GMT) Project Honey Pot received its billionth email spam message. The message, a picture of which is displayed below, was a United States Internal Revenue Service (IRS) phishing scam. The spam email was sent by a bot running on a compromised machine in India ( The spamtrap address to which the message was sent was originally harvested on November 4, 2007 by a particularly nasty harvester ( that is responsible for 53,022,293 other spam messages that have been received by Project Honey Pot.

Every time Project Honey Pot receives a message we estimate that another 125,000 are sent to real victims. Our billionth message represents approximately 125 trillion spam messages that have been sent since Project Honey Pot started in 2004.

At this milestone, we wanted to take a second to report some of our findings. Our goal is not to rehash the same old insights but instead to give a new picture that only looking at five years and a billion data points can produce. (There are a lot of charts, tables, and visuals tracking the statistics like this one.)

We decided to look at the number of compromised machines operating within the country divided by the number of security professionals operating in the country. This gives us a relative IT security score. As a proxy for the number of security professionals we used members in Project Honey Pot. Here are the results:


Read more…

About Gandalfe

Just an itinerant saxophonist trying to find life between the changes. I have retired from the Corps of Engineers and Microsoft. I am an admin on the Woodwind Forum, run the Seattle Solid GOLD Big Band (formerly the Microsoft Jumpin' Jive Orchestra) a GOLD sax quartet, and enjoy time with family and friends.
This entry was posted in Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s