Spam - still hard to stomach

If you believe everything you read then the first mass electronic mailing was, according to this web site devoted to the history of Spam, sent in 1971. That’s a full 37 years ago which is slightly further back than the 15 years of existence that Computer Weekly is giving credit for today.

Spam accounts for the majority of email addressed to my organisation’s email addresses. Total tally is somewhere around 85% and 90% of incoming messages. For other organisations I know the statistics are even higher and teeter between 95% and 98% of all email. Yes – that means only 2% of incoming email for those companies is actually legitimate.

Fortunately, we’ve got sophisticated tools in place that prevent the vast majority of that spam getting to the inbox. And for the ones that might make it through, desktop anti-malware controls, user awareness messages, and hopefully some common-sense mitigate most of the risk.

I was discussing the spam issue with a friend who works for an oil company in the middle-east. His organisation has recently been threatened with legal action by employees who received Nigerian 419 messages at their work email addresses and fell for the scam. They now blame the company for not taking adequate measures to protect them (from their own gullability). An interesting perspective that I hadn’t previously considered.

There is little humour to be had in spam. Much of it is vulgar, some of it offensive, some of it dangerous. It’s consuming bandwidth, resources, and it’s infecting our computers with junk ranging from pornographic images to keylogging software.

Computer Weekly asked me if I have a few business tips for protecting against spam. Being ever obliging, here are a couple.

1. Keep it away from the inbox. Companies such as Postini and Message Labs provide solutions that filter out spam before it has a chance to enter the company network.

2. An oft quoted tip is to not post corporate email addresses online. Easy to say, not very easy to put into practice for companies that need to promote their personal contacts. But try to keep those corporate email addresses off bulleting boards and blogs. They all get harvested by the spammers.

3. Make sure image blocking is activated. This prevents people seeing potentially offensive pictures in their e-mail. It’s also possible that some images and graphics in the email alert the sender that you’ve opened the message, which verifies that your e-mail address is active.

4. Security awareness messages help to remind people not to be daft enough to respond to spam.

For home users, my top tip is to visit GetSafeOnline and read the advice posted there.