Feeds

Where the heck is all this spam coming from?

Filter Fish

  • alert
  • submit to reddit

High performance access to file storage

ComputerWire: IT Industry Intelligence

The growth of the spam problem in 2002 has been exponential,

writes Kevin Murphy

. Companies that sell spam filtering software say currently the percentage of email that is spam could be 20%, 33%, or even up to 50%, compared to less than 10% a year ago.

While the rise in spam is easy to notice, it is hard to quantify. Spam is by definition "unsolicited commercial email", and often spamees cannot remember signing up to have their email addresses added to lists, or were not aware they were doing so.

BrightMail Inc, the market leader in anti-spam services, says emails sent to its honey-pot email addresses are by definition unsolicited, and that it has seen spam on its customers' networks increase from 8% of mail to 41% of mail in the last 14 months.

Wasting time deleting UCE can be a productivity concern for enterprises. A survey by SurfControl Plc said 25% of enterprise email is spam and that each message costs up to a dollar. CloudMark Inc said 10 spams per day could cost a company $86 per employee per year.

Even if getting spam was free, there's a general consensus it's still annoying enough to want to filter. But why has it become so much of a problem this year? We asked executives from companies that provide anti-spam software and services to explain.

"Now anyone can do it," said Pavni Divanji, CEO of MailFrontier Inc. "The process is so streamlined. You can buy a CD of email addresses, buy mailing software, find an open relay and start doing it. People think it's easy and that they can make a few dollars off it."

The economics of spam are attractive for both the spammers and the companies that pay them to spam, particularly given the macro economy in the US. Email marketing has low response rates, typically less than half a percent, but is very, very cheap.

Growing numbers of e-businesses can't blow $50m of IPO money on TV and direct mail campaigns any more, and all the people they laid off into a depressed job market are looking for new sources of income.

Enrique Salem, CEO of BrightMail, said he talked to a spammer last week who was paid $1,500 to send one million spams. Even with a response rate of just one tenth of a percent, that's 1,000 likely customers reached for $1.50 a head. For the spammer, the cost was negligible.

"A lot of the Chinese, Korean and Latin American spam originates in the US ... People are looking at alternate ways to make money. It's a way to augment their income," said Salem. "Companies are looking at alternative ways to market and reach customers."

It's also exceptionally easy to get started as a spammer. CDs of 150 million email addresses can be bought for as little as $100 online. Web sites maintain lists of open email relays, many in Asia, which can be used to push mail through.

"The social stigma has gone," said MailFrontier's Divanji. "People don't think twice about doing it."

This point is debatable. While spammers think as long as no laws are broken they are not doing anything wrong, recent published interviews with spammers tell stories of harassment from irate spamees, both online and off.

But, just as finding people who respond to spam is a numbers game, finding people who have no ethical qualms with eating the bandwidth of millions of people and giving them headaches every morning should be easy.

"If this trend continues unchecked, it's going to make email unusable," said Salem.

© ComputerWire

Related stories

Climbing Spam Mountain
E-card slimeware delivers pr0n
MSN Messenger is new spam vector
Porn spam on the rise
Europe bans spam

O'Really Merchandise at El Reg
How to trace spammers and deal with them - permanently

High performance access to file storage

More from The Register

next story
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
France bans managers from contacting workers outside business hours
«Email? Mais non ... il est plus tard que six heures du soir!»
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.