From the Security Experts

July 15, 2009

No Spam for Me, Thanks

By SIP Trunking Report Channel Editor

Spam is an annoyance. Most people know that a suspicions e-mail or catchy sounding advertisement in the subject line could potentially not only be spam, but some sort of virus.
According to a survey released today by the Messaging Anti-Abuse Working Group, also known as MAAWG, almost one-third of consumers admitted to responding to a message they suspected might be spam and about 80 percent of users doubted their computers were at risk of ever being infected with a "bot," which is a covertly planted virus capable of sending spam or causing other damage without the owner's knowledge.

The first rule of the unofficial rules for e-mailing is to never open a suspicions e-mail or a suspicious e-mail with an attachment. Therefore the results from MAAWG commissioned study, "A Look at Consumers' Awareness of Email Security and Practices," shows a lack of awareness among consumers since industry reports indicate bots are responsible for generating much of today's illegitimate email.
The survey, based on 800 interviews with computer users but not “security experts” in the United States and Canada, measured users' understanding of messaging threats and asked them to identify how best to work with users in removing bots and viruses from infected systems.
About two-thirds of the consumers surveyed considered themselves "very" or "somewhat" knowledgeable in Internet security.
"Spamming has morphed from an isolated hacker playing with some code into a well-developed underground economy that feeds off reputable users' machines to avoid detection. Consumers shouldn't be afraid to use e-mail, but they need to be computer smart and learn how to avoid these problems," said MAAWG Chair Michael O'Reirdan.
Most consumers use anti-virus software and more than half said they never click on suspected spam, the survey found that 21 percent take no action to prevent abusive messages from entering their inbox. Sixty-three percent said they would allow their network operator or anti-virus vendor to remotely access their computer to remove detected bots.
Ferris Research, Inc., an industry analysis firm that tracks messaging issues, said service providers and vendors, based on the survey findings, should consider offering remote bot mitigation capabilities to differentiate their services from competitors. Vendors also might consider refining spam filters based on the specific patterns defined in the study.
The MAAWG survey found that users between the ages of 24 and 44 are more likely to use email for banking and bill statements, so industry vendors might focus on preventing phishing spam for these consumers.
"According to the MAAWG findings, about one in six people are prepared to make an effort to report spam and the industry should find more ways to tap into this potential. Conversely, the volume of people who still respond to spam is regrettable because it's an economic incentive to spammers," said Ferris Research Principal David Ferris.
This is the first consumer survey commissioned by MAAWG, the complete 60-page survey report, "A Look at Consumers' Awareness of E-mail Security and Practices or 'Of Course I Never Reply to Spam, Except Sometimes' " can be found on the company Web site.

Jessica Kostek is a channel editor for TMCnet, covering VoIP, CRM, call center and wireless technologies. To read more of Jessica’s articles, please visit her columnist page.

Edited by Jessica Kostek