The State Of Spam - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

09:25 AM

The State Of Spam

Filters have gotten so effective at keeping junk e-mail away from users that there's little public outcry against spam today. But behind the scenes, the problem is worse than ever--and it could mask a serious, real-world threat.

Phishing Comes To The Fore
On top of that, there's yet another type of spam that wreaks serious financial losses for its victims: phishing, the trick of fraudulently acquiring personal information, usually about credit cards or other accounts. Spammers aren't just pushing snake oil anymore; they're trying to clean out your bank account.

The State Of Spam

•  Introduction

•  Phishing Comes To The Fore

•  America, The Spam Leader

•  Hidden Costs

•  How Not To Fight Spam

•  Taking On Phishing

•  A Bleak Outlook

Nearly six out of ten business PC users receive at least one phishing e-mail every day, and 22 percent receive more than five a day, according to a recent poll conducted by computer security firm Sophos Plc. Phishing attempts worldwide have nearly doubled, the Anti-Phishing Working Group found. The organization, whose 1,500 corporate members include eight of the top 10 U.S. banks and four of the top five U.S. ISPs, detected 15,244 unique phishing reports in December 2005, up from 8,829 in December 2004.

To hear IBM tell it, though, the new strain of spam is spreading even more quickly. Big Blue announced in January that the number of viruses delivered via e-mail declined by about half from 2004 to 2005 to about 2.8 percent of all e-mail. But phishing attempts tripled, to an average of one in every 304 messages, because of increased use of botnets to generate massive volumes of scam e-mail.

By far, the companies spoofed most frequently by phishing attempts are eBay and PayPal, but banks are getting hit too. "We have to look at the online economy as under attack," Schwartzman says.

"Even the weak provisions of [the CAN-SPAM Act] are being violated with impunity by spammers every day." —John C. Mozena, CAUCE U.S.

America, The Spam Leader
One misconception about spam is that it's largely the work of foreigners. In fact, America is the world's biggest spammer. According to Sophos, more spam (23.1 percent) was relayed through the United States than any other country during the first three months of the year -- though China, including Hong Kong, is a close second at 21.9 percent. South Korea is a distant third at 9.8 percent.

Existing laws haven't put much of a dent in America's reign as the king of spam. The CAN-SPAM Act of 2003 (which stands for Controlling the Assault of Non-Solicited Pornography and Marketing) didn't actually make spam illegal, but it prohibits deceptive subject lines and requires that recipients be given an opt-out method.

"We have a very weak federal anti-spam law," says John C. Mozena, co-founder and vice president of CAUCE in the United States. "But even the weak provisions of that law are being violated with impunity by spammers every day. The Federal Trade Commission and Department of Justice and other bodies with enforcement capabilities under CAN-SPAM don't have the resources [to enforce the law]."

It's no secret who's guilty. The Spamhaus Project, a London-based nonprofit that tracks spammers worldwide, posts its own Top 10 list of "the worst of the career spammers causing the most damage on the Internet currently," including their names, aliases, and operations.

But prosecutions can be costly. Microsoft, for example, has found them a losing proposition. John Scarrow, general manager of Microsoft's anti-spam and anti-phishing strategy team, says the company has filed 112 anti-spam lawsuits in U.S. courts and has been awarded more than $869 million in judgments, but it spends much more money in court costs than it receives in settlements.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2 of 4
Comment  | 
Print  | 
More Insights
2019 State of DevOps
2019 State of DevOps
DevOps is needed in today's business environment, where improved application security is essential and users demand more applications, services, and features fast. We sought to see where DevOps adoption and deployment stand, this report summarizes our survey findings. Find out what the survey revealed today.
Will AI and Machine Learning Break Cloud Architectures?
Lisa Morgan, Freelance Writer,  6/10/2019
9 Steps Toward Ethical AI
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/15/2019
Humans' Fascination with Artificial General Intelligence
Guest Commentary, Guest Commentary,  6/6/2019
Register for InformationWeek Newsletters
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll