Title: Mark Gibbs
1Spam and the Enterprise Background, Economics
and Strategies
- Mark Gibbs
- Gibbs Co.
- mgibbs_at_gibbs.comwww.gibbs.com
2E-mail is Losing Its Value
3The Spam Problem
Nearly 18 (5.6 billion) of all of the messages
sent per day in 2002 (worldwide) were spam
(Source IDC).
Spam cost U.S. organizations 8.9 billion in 2002
in lost productivity, IT resources and help-desk
time (Source Ferris Research).
4What is Spam?
Definition
- Spam is messaging that has one or more of the
following properties - It is unsolicited and irrelevant
- It is not targeted to the recipient
- It contravenes organizational standards
5Why is Spam called Spam?
- The Leading Theory The Monty Python Spam
SketchScene A cafe. One table is occupied by a
group of Vikings wearing horned helmets. Whenever
the word "spam" is repeated, they begin singing
and/or chanting. A man and his wife enter - Man Well, what've you got?
- Waitress Well, there's egg and bacon egg,
sausage and bacon egg and spam egg, bacon and
spam egg, bacon, sausage and spam spam,
bacon, sausage and spam spam, egg, spam,spam,
bacon, and spam spam,sausage, spam, spam,
bacon, spam, tomato and spam. - Vikings Spam, spam, spam, spam...
.
6Key Strategic Issues
- Spam ...
- Decreases the value of e-mail
- Increases recipient costs
7The Consequences of Spam
- Displacement of normal email
- Cost-shifting
- Potential retrieval cost
- Fraud and confidentiality
- Organizational legal problems
- Management cost
- Annoyance factor
8Marketing Gone Crazy
- On-line marketing is the cause of the majority
of spam - Used by many companies including both small
(Visit FreeBurst and get your FREE Digital
PocketCam!!) and large (Develop Your Design
Skills At Brooks) organizations - Why?
- Sometimes done out of ignorance
- Usually rampant spammers
- Occasionally they said the list was opt-in
Devry UniversityPhoenix UniversityDirecTVColumb
ia HouseX10Cingular WirelessOmaha SteaksThe
New York TimesPerfumania
9Spam Impact
- The Federal Trade Commission receives 88,000 spam
complaints every day. - Internet Fraud Complaint Center in 2002 received
- 85,172 complaints of which 11.6 (9,880)
concerned spam - 16,164 complaints of the Nigerian 419 fraud, a
500 increase over 2001 and 74 individuals lost
money totaling 1.6 million.
10Spam Growth Estimates
11Spam Context
- Part of a bigger problem
- Messaging management
- Key issues
- Performance and network management
- Security and confidentiality
- Virus and worm distribution
- Content liability issues
12Spam Messaging Technology
- Spam is primarily found in SMTP-based messaging
- But note the rise of
- Fax spam
- Web Pop-ups
- Spyware
- Windows Messenger spam
- SMS spam
13Getting Your Attention
- Cross referencing addresses
- Misleading subject text
- Simple (Hi)
- Personal (We met at ...)
- Social engineering
- Offers (You won)
- Informational
- The newbie problem
14Hummm
- It doesnt seem complicated but ...
- Spam will cost U.S. organizations 10 billion in
2003!!! - (Source Ferris Research)
15Cost Analysis Model
1000 users 100 messages/user/day 25 spam 25
spam growth rate
16Calculating the Cost of Spam
17Calculating the Cost of Spam
18Calculating the Cost of Spam
19Calculating the Cost of Spam
20Calculating the Cost of Spam
21Calculating the Cost of Spam
22Calculating the Cost of Spam
23Calculating the Cost of Spam
24Anti-Spam Technology
- Header analysis
- Whitelists
- Private
- Corporate
- Blacklists
- Private
- Corporate
- Internal
- Distributed adaptive blacklists
25Anti-Spam Technology
- Keyword matching
- Duplicate detection
- Pattern recognition
- Phrase detection
- Formatting
- Tracking tokens
- Content
- Neural networks
- Statistical analysis
- Bayesian filters
- Statistical filters
26Anti-Spam Technology Problems
- Spam probability
- What to do with detected spam
- False positives
- False negatives
- The blacklist problem
- Management
27Desktop v. Enterprise Solutions
LAN
Desktop
28Desktop v. Enterprise Solutions
LAN
Enterprise
29Solutions Comparison
Desktop
Enterprise
- Simple planning
- User controlled
- Complex management
- Little or no reporting
- Requires extra storage
- Uses LAN bandwidth
- Complex planning
- IT Group controlled
- Simple management
- Comprehensive reporting
- Minimizes extra storage
- Avoids using LAN bandwidth
30Spam and the Law
- Antispam laws
- Current attempts
- CAN SPAM Act of 2002 (Burns-Wyden)
- Unsolicited Commercial Electronic Mail Act of
2001 (Green) - Wireless Telephone Spam Protection Act (Holt)
- Unsolicited Commercial Electronic Mail Act of
2001 (Wilson) - Anti-Spamming Act of 2001 (Goodlatte)
- Whatever is enacted will have little effect
31The Future of Spam
Volume
Year
32A Strategic Corporate Approach
- Establish spam problem dimensions
- Build a cost model
- Document problem and costs
- Select an anti-spam solution
- Sell your solution to the company
- Begin staff education
- Implement anti-spam solution
- Fine tune
- Track performance
- Review quarterly