The Scourge of Spam

Choose an area of interest:

Member Sign Up
Member Log On
Edit Member Profile
Newsletters
Editorial Inquiries
Privacy Policy
Reader Profile
About Us
Contact Us
Advertise

NewsLine
Columnists & Columns
Newsletters
Opinion Poll

Search Archives
Resources/Tools
Associations, Societies & Firms
Federal and State Link Library
Newsletters & Journals
CPA Exam Study Guides
Glossary

Search Jobs
Post Resume
Career Resources
Company Gallery
Professional Designations
Internships
Colleges & Universities
Post Jobs/Search Resumes

Login to Professional Education Center
Login to FMN Online
Login to CPA Report Online
Login to FMN Self-Study PEC
Login to CPA Report Self-Study PEC
FMN Video Subscriber Center
CPA Report Video Subscriber Center
Accounting & Finance CPE Programs
Corporate Training
Ethics & Compliance
Association Reseller Program
e-Learning Consulting
Engineering Education Programs

Professional Education Center
SmartPros Book Digests
Wiley Book Corner

Choose an area of interest:

Byte of Success
The Scourge of Spam

December 2003 "Spam is truly out of control and the response of ISPs is inadequate," my friend Jim complained. He continued with the following story. "I had an upgraded account (cost some money) with Yahoo. It became overridden with spam so I asked them to move my payment to follow me to a new account. They would not. Still, I opened a new free Yahoo account. Despite having shared my new address with under 5 people, and I was deluged with spam within 24 hours!"

Jim is not alone with either the use and frustration of disposable email accounts or the horror of email spam. IDC predicts that there will be over 2 trillion spam messages in 2003. There will be plenty to go around! Spam assails us when we open mail at work and at home.

Let's discuss the expensive spam at work. Ferris Research estimates that the annual cost of junk email to US business is now $8.9 billion. They measure time wasted opening email spam messages and deleting them; that cost is much higher when considering wasted bandwidth and infrastructure put in place to support the bombardment of non-business email. In fact, Radicati Group found that 99% of email attachments in the business setting are not business related.

Despite legislative and industry efforts, this problem will not be ending anytime soon. Understanding some the reasons why will help us prepare our response.

Spam is big business. Not only do some of the spammers make good money fooling some of us, the anti-spam industry will earn $600 million in 2003. Thus, some of the cleverest people of the technologies to resolve this problem have a stake in encouraging an evolving sophistication of spam.
The worst and most disrespectful spam is created by creeps. These are people with pathologically antisocial behavior that do not care about the toll of the spam that they inflict upon business, much like many of the authors of viruses. They are just more opportunistic, by looking at the revenue potential of their actions. The senders of this spam are unrelenting. Even the anti-spam databases have come under attack with some of the more recent viruses and worms.
We do not train our employees properly. According to one recent survey, 90% of employees send and receive personal email at work. While 75% of employers have a written email policy, only 48% of employers provide e-policy education and only 27% offer email retention/deletion training. To become vigilant about spam and protective of company email, we must spend sometime teaching our employees about spam, viruses, and some practices to avoid them. This learning is ongoing as the workplace risk or recommended responses change.

Steps to take. There is no panacea to spam. Adopting some or most of the following ideas should increase your resilience to virus attack via email and cut down the disruptions and harassment associated with email.

Filter and scan at least twice. In most workplaces, email enters through one access point, the connection to the Internet, goes to a mail server, and is then distributed to the correct email subscriber. Each stop presents a chance to scan the email for viruses, inappropriate content, and spam. Invest in anti-spam software and make sure that it is adaptive. The scanning should be done during at least two of those three hops. Some great desktop anti-spam solutions include Spamnet, SpamBayes, IHateSpam (SunbeltSoftware.com) and Brightmail (Brightmail.com).
Invest in training. Training, training, training – an informed user can reduce the disruption and risk associated with email.
Consider outsourcing. Some tasks are not core competencies and difficult to do well. Your staff may find it difficult to stay abreast with spam, virus, and other mail vulnerabilities while doing the rest of their jobs. Instead, find an expert who hosts mail for others. Some choices include Simplicato (Simplicato.com) and Brightmail. Alternatively, talk with your ISP to find out about their services. Remember, that this is much more than simple mail hosting.
Stay up-to-date on the law. As more jurisdictions look to rid their areas of spam and other abusive email, you must stay attentive to the legal impact this may have on your corporate email. This may involve the changing definitions of permission-based e-marketing that you are involved in or privacy of email lists.
Keep personal email out. Turn off access to the major private disposable email like Yahoo, Hotmail, and AOL. Browsing through personal email on company computers creates all sorts of risk, since these rarely have virus scanners and filters. In addition, these are frequently bombarded with harassing spam.
Give out disposable email account information for disposable needs. Yes, those email accounts I just told you to restrict in the workplace.
Consider cutting back on email use and access to the Internet. Many companies are doing it. Phone service is less expensive. Instant messaging is more immediate. Mobile phone email is more mobile. The operative question is: "Is our email use making us more productive?"

Email trends. Being aware of email trends is an important part of the beginnings of ongoing training. Here are three tidbits.

Some of the more adaptable worms are capable of email identity theft. The theft takes place when messages are sent by a user pretending to be coming from you. In some cases, the message is sent to strangers who, coming under attack, start blacklisting your email address. In others, the email is socially engineered to go to people who know you with a hidden payload. Finally, in others, the message misrepresents you and your organization. Brightmail is now also selling a product to inform you when it suspects your identity has been stolen.
IDC predicts that the annual rate of email box growth is 18% to an expected 1.5 billion boxes by 2005. Some of that growth comes from many of us having multiple email accounts. FuseMail (FuseMail.com) offers a way to consolidate all of your email and detect and filter spam in all of them.
Email spam is just one manifestation of opportunists looking to take advantage of a technology to create anarchy or personal profit. Viruses, worms, and trojans are still vulnerabilities for email. In addition, new conveniences of communication are susceptible to new vulnerabilities. Instant messaging (IM) now has 60 published vulnerabilities and is subject to spIM. Even cell phone SMS messaging is now subject to SMS spam.

Email spam is not going away. What are you doing to minimize its impact?

CHAIM YUDKOWSKY, CPA, CITP, is president of Byte of Success Inc., a technology consulting company specializing in helping small and mid-size business grow using technology. He is available for both consultation and speaking. He may be reached at cyudkowsky@byteofsuccess.com.

		Related Stories

		Are We Too Trusting? The Evolution of the E-Meeting On the Job Training IM in a Corporate Environment


		Related Courses

		Professional Education Center

Would you recommend this article?

5 (yes, highly)
4
3
2
1 (no, not at all)

Comments: