Botnets and viruses and phishing, oh my!

MessageLabs released their monthly report on email threats yesterday. Many media outlets picked up and reported that 41% of spam was from a the Rustock botnet.
Other highlights from the report include:

  • Spam accounts for over 92% of all email.
  • 95% of spam was sent from botnets at the end of July 2010.
  • One in 327 emails contains malware and one in 363 emails is a phish.
  • The number of rustock infected machines is falling, but the amount of mail each one is sending is increasing.
  • More than 107 billion emails are being sent through botnets every day.

The end of the report things that, to my mind, should be of significant concern to legitimate marketers. Spammers are adopting tactics from marketers in order to hook users and probably evade detection by ISPs. These include personalizing email (examples) and using image only spam (examples).
One of the recommendations that I’ve repeatedly made here is that legitimate senders should not do things that make their mail look like spam. Sending image only emails is one way for marketers to look like spammers.
The other thing that stands out to me from this report is how small the percentage of legitimate marketing email is. 92% of email is spam. Let’s assume that no one reading this blog is part of that 92%, that means only 8% of mail is not-spam. How much of that is marketing is probably up for debate, but I don’t think that more than 50% of legitimate email is marketing (the other 50% is mail from friends and family, social networking notices and discussion groups).
With those numbers, I can understand why ISPs don’t focus as much as some marketers might like on false positives with spam filtering. In percentage terms it is a tiny fraction of mail and most consumer ISPs provide end users with the ability to override bulk foldering if the recipients really want that mail.
ISPs are the front line against criminals on the Internet. Blocking email is one of the primary ways they protect people. Given the extent of spam and malevolence of spammers they are to be commended for creating systems that have such a low percentage of false positives.

Goodmail for sale?
Gmail and SenderScore

Related Posts

Time to step up

Neil Schwartzman reacts to yesterday’s link post.

Read More

Appendleads is not unusual

I called out David Williams from appendleads.com yesterday for his spam. Sure he’s a spammer, his database is full of garbage information and his email violates CAN SPAM but he’s not that unusual in the realm of list sellers. He is very typical of the people I see offering lists for sale.
List sellers are the internet version of used car salesmen. Everyone knows they are slimy sales guys who will do anything to close the sale. They don’t have a real web presence, just visit appendleads.com and see what I mean.
And yet, people still buy lists from them! I have no doubt that my spammer friend has a nice little business selling email addresses. He sends out spam, he gets a few responses, makes a tidy profit and then sends out another spam, hooks a few more people and makes more money.
OK, so not all list sellers are like appendleads. Some of them go so far to build a website. But at the core they’re the same. They are selling data that isn’t clean, it’s not opt-in, it’s not been verified.
This is why so many of us harp on not buying lists. The sales guys talk a great game, but they aren’t selling what purchasers think they’re getting. They also don’t care. They have no incentive to clean up their data. They have no incentive to accurately represent what they’re selling. All of the risk is on the person that sends the email. Once they have their money, the buyer is on their own.
Can you ever successfully purchase a list? I’m sure some senders have. But that experience is closer to winning more than a thousand dollars in the lottery than an actual good business decision.

Read More

Bad year coming for sloppy marketers

MediaPost had an article written by George Bilbrey talking about how 2010 could be a difficult year for marketers with marginal practices. George starts off the article by noticing that his contact at ISPs are talking up how legitimate companies with bad practices are causing them problems and are showing up on the radar.
This is something I talked about a few weeks ago, in a series of blog posts looking at the changes in 2010. The signs are out there, and companies with marginal practices are going to see delivery get a lot more difficult. George lists some practices that he sees as problems.

Read More