Conclusions of the Global S.P.A.M Diaries Project

Dylan over at eROI posted a link to a story today that immediately grabbed my attention: What Happens When You Reply to ALL of Your Spam. My first reaction was that it was just madness, who would even want to participate in this type of experiment or have time to do that considering all the spam we get. I read on to find out that it was an experiment that McAfee was running with the incentive of getting a free PC.

A housewife told her story which began on April Fool's Day. The experiment (Spammed Persistently All Month (S.P.A.M.)) was to answer each and every spam message and pop-up on their PC over a 30 day period. My first question that arose was, are they experimenting on the free PC and if so, who would want to use the test computer afterward considering the spam and pop ups were probably loaded with viruses? However considering McAfee's expertise in antivirus solutions, I'm assuming McAfee took care of that for them afterward.

McAfee's goal was to have 50 volunteers from around the world participate in this Global S.P.A.M. Diaries project. Some of the objectives of the campaign included:

• Allowing users to go where they never sought to before, to see if these susceptible calls to action where too good to be true

• Educating users in helping them identify spam emails and the risks associated with them

The total spam count allotted to 104,832 messages in a 30 day time frame. Each participant received roughly 2,096 messages or 70 messages a day. Of all the countries that participated the U.S. received the most spam with over 20,000 messages.

The conclusions from the campaign McAfee found included the following:

• Spam is still out there in abundance: Despite everyone’s efforts and precautions, it is a still a very real threat that grows at a phenomenal pace. Once subscribed, our participants proved it is almost impossible to unsubscribe from spam lists and as time passes this only gets worse.
  

• Spammers will stop at nothing! The nature of the spam received has given valuable insight into the social engineering aspects of spam that we have seen grow in the last few years; from religion, death and sick children to enticing people with offers of free products, cash and money for loans - the spammers will literally use any subject to scam people or steal valuable data from individuals or businesses. The current “credit crunch” means financial spam is very popular at the moment.
  

• Spam and cybercrime are linked: The fact that most participants received some phishing emails in such a short space of time, even though they had new email addresses, proves the danger spam carries. We should all take caution in opening suspicious emails and giving out our email addresses in cyberspace.
  

• Non-English Spam is growing: The diversification of languages of spam was higher than expected, proving that participants in different geographies receive different types of spam depending on their location. Local language spam is often harder to detect, because it is less common and this trend proves spammers are putting in more and more effort to remain inconspicuous. McAfee continues to investigate the growth of foreign language spam and predicts this as “an area to watch” in the future, as spam becomes more targeted and localized.
  

• Mobile spam has yet to really take off: Although this area doesn’t seem to have been fully embraced, many of our participants being asked to give mobile numbers. McAfee predicts mobile spam will start to grow at a similar speed to email-based spam in the near future.
  

• Even if people think they know the danger of spam, they don’t understand the true extent: McAfee’s participants came from all walks of life, from all over the world. Given their interest to take part in the experiment, they were all aware of the problem of spam, yet they were all shocked by the sheer amount of spam they attracted in a short time and the lengths the spammers would go to gain success.
  

• There’s no such thing as a free lunch! However tempting an offer looks, they are almost always too good to be true!

Source: McAfee Global Spam Diaries

Key takeaway from this experiment - be careful what you click on! If you are unsure of the 'From' recipient, don't open it!