The What, Who, Where and Why of Spam

Spam was once just clutter in your inbox; now it is a commonly used vehicle for fraud, electronic crime and even corporate espionage. The 4 Ws of spam answer the most commonly asked questions about spam.

What is Spam?

Spam, also called junk email, is generally defined in the Internet industry as unsolicited commercial email (UCE). It is email that is sent out in bulk to a huge number of recipients who did not request it. The contents of spam range from benign advertising to malicious programs that can literally hijack your computer system do grave damage.

The most common commercial spam advertises pyramid schemes, pornographic web sites, mortgage loans, chain letters, credit repair, fraudulent pharmaceuticals and illegally pirated software. The more dangerous spam will often contain viruses that can infect your computer, Trojan horses that can hijack your email program and use it to send out spam to your friends and family, and phishing scams that attempt to get your personal and financial information.

Who Spams?

“Spammer” is the term used to refer to those responsible for spam. In the Spam world, there are two types of spammers. There are the honest spammers who comply with the anti-spam laws, and have the consent of the spam recipients. These willing recipients usually join the honest spammer’s “opt-in” mailing list by signing up at a website, for example to enter a lottery, or to be notified of future promotions.
Then there are the dishonest spammers, who will get your email addresses by any means possible. They use their spam for criminal or malicious purposes and have zero regard for the law.
Spammers range from the lone, home-based individual to multi-million dollar companies with several employees. Most of the spam companies are increasingly relocating to offshore locations to evade US laws and law enforcement.

Where do the Spammers Get your Email Address From?

Spammers get their victim’s email addresses from just about anywhere you can imagine. Primarily, they use Newsgroup harvesters and Spambots, which are automated programs designed to “harvest” (extract) email addresses from online sites. Newsgroup harvesters target newsgroup postings and other unprotected web-based forums, which tend to have low security. Spambots troll the Internet, scanning websites and “harvesting” (extracting) email addresses. It typically searches for the “@” sign that denotes an email address.

The average spambot can harvest over 30,000 email addresses in just one hour. And this goes on 24/7, year and year out.
There are also companies that sell CDs that are packed with valid email addresses. These can sell for as little as $25, and they are a goldmine for any spammer.

Why do Spammers Spam?

In a word? Money. Spammers literally make millions from their illicit trade. Studies show that for every million junk emails sent out, a spammer will average about 100 sales. Add to this the fact that they make $50-$100 in commission for each sale, and you can see how the numbers add up to incomes in excess of $100,000 a year! What’s more, spamming can cost next to nothing.

But why does spamming continue despite its cost in time, effort and money? Because there are people out there who respond to spam. Even with a minimal response rate of one sale from every 10,000 emails, it can be highly profitable. If no one responded to spam, the spammer’s cash cow would starve and the practice would end. It is these few who keep the spammers in business. They make the cost of spamming worthwhile.