Email Security Reading Time: 3 minutes

It might come as a surprise to learn that Utah – with its beautiful terrain and picturesque views – could be a hive of activity for the origination of spam emails.

But Utah isn’t alone and finds itself on a podium along with major IT hubs like California and New York, according to a new analysis by the Comodo Threat Research Labs that identifies which states are homes to the most spam sent.

Part of the Comodo Threat Research Labs’ offerings is filtering email to protect customers from malware, spam, spyware, Trojans and other harmful cyberattacks and to keep their endpoints secure.  The engineers at Comodo studied all of the email they filtered for customers in the second half of 2015, specifically looking at spam, and conducted an IP address analysis of the millions of pieces of email spam that came into the Comodo Threat Research Labs.

Through that specific IP analysis, the researchers at Comodo were able to break out all of the spam that it filtered and break it down by the specific 50 U.S. states (plus the District of Columbia) to determine where the spam originated from.

IP addresses from California and New York sent nearly half of the spam Comodo filtered, totaling 46.73 percent, while Utah, Michigan and New Jersey IP addresses rounded out the top five states.

Rhode Island, Hawaii and Maine had too small of a spam IP number to register a percentage.   The full breakdown by state and percentage is below:


State Percentage of total U.S. spam filtered by Comodo
California 24.37
New York 22.36
Utah 19.43
Michigan 10.79
New Jersey 3.68
Texas 3.48
Pennsylvania 2.1
Washington 2.04
Nevada 1.96
Georgia 1.94
Missouri 1.81
Florida 1.27
Illinois 0.59
Colorado 0.54
Arizona 0.47
Virginia 0.46
Oregon 0.44
Oklahoma 0.37
Ohio 0.32
Delaware 0.31
Massachusetts 0.25
North Carolina 0.14
Indiana 0.13
Wyoming 0.11
Kansas 0.09
Minnesota 0.08
South Carolina 0.05
Connecticut 0.05
New Mexico 0.05
Tennessee 0.04
District of Columbia* 0.04
Wisconsin 0.03
Arkansas 0.03
Kentucky 0.02
Iowa 0.02
Maryland 0.02
Louisiana 0.02
Nebraska 0.02
Alabama 0.02
West Virginia 0.01
Alaska 0.01
New Hampshire 0.01
South Dakota 0.01
Vermont 0.01
North Dakota 0.01
Idaho 0.01
Mississippi 0.01
Montana 0.01
Maine 0
Hawaii 0
Rhode Island 0
Total 100%

*Although not a U.S. State, spam originating from IP addresses from the District of Columbia was able to be identified

“California and New York were not really surprising in terms of the top two states because of population and technology innovation taking place in those geographies— but finding Utah and Michigan in the top five was somewhat shocking,” said Fatih Orhan, Comodo’s Director of Technology and lead at the Comodo Threat Research Labs.  “Millions of pieces of spam are being sent every day, and many customers rely on Comodo and our technology to help protect their enterprises across the U.S. and around the globe by filtering this spam, protecting their endpoints and never letting it penetrate their IT networks.”

Readers of this blog can view an interactive heat map of the findings here:

The Comodo Threat Research Labs team is made up of more than 40  IT security professionals, ethical hackers, computer scientists and engineers, all full-time Comodo employees, analyzing and filtering spam, phishing and malware from across the globe. With offices in the U.S., Turkey, Ukraine, the Philippines and India, the CTRL team analyzes more than 1 million potential pieces of phishing, spam or other malicious/unwanted emails per day, using the insights and findings to secure and protect its current customer base and the at-large public, enterprise and Internet community.

If you feel your company’s IT environment is under attack from phishing, malware, spyware or cyberattacks, contact the security consultants at Comodo at


IT Service Desk Provider