The statistics are bleak, but far from surprising. According to a new report, American businesses spend a whopping $712 per worker, per year, in the battle against spam.
“This isn’t just a technology problem,” says Rebecca Wettemann, vice president at Massachusetts-based Nucleus Research, the firm that authored the report. Email has become such an integral part of how businesses operate that spam “is now a business problem.”
And the good guys aren’t winning. “The best VC money that has been thrown at developing filtering technology has not met the mark yet,” she tells Datamation.
The Nucleus report, based on a survey of 849 users, found the following:
• Users are spending more than 1 percent of their time tackling spam in their inboxes.
Is the Mac Really More Secure than Windows?
Web 2.0 Security: Application Scanners
Spam Bust: The Lessons of Yesmail
Russia’s Export To America: Malware
• Even though 60 percent of companies deploy
enterprise-wide spam filters, two out of three email messages are spam.
• American companies are losing more than $70 billion a year in lost worker productivity.
• Spam has risen sharply since Nucleus’s survey in 2004.
• Nine out of 10 users are frustrated by spam, with one in 100 appearing to be “at the breaking point.”
At the end of the survey, Nucleus asked users what punishment would be appropriate for spammers.
Eighteen percent said that spammers should see jail time, with more than fifty percent believing that junk mailers should be fined at least $1 for every spam.
The survey also provided an “Other” option for how junk mailers should be punished. The responses were – apparently in jest – quite macabre. They included “the death penalty, slow hanging, public flogging, psychological assessment, and other suggestions that are inappropriate to print.”
Concluded the report: “Spammers, watch your backs.”
Three (Flawed) Solutions
On average, people spend 16 seconds per message in deleting spam, according to the survey.
While this figure may sound high, Wettemann notes that it’s an average; though many workers delete spam instantly, some – shockingly – actually read them fully before realizing they’re from a Nigerian spam artist. (When Nucleus Research asked the same question in 2004, the average time was a 30 seconds. Fortunately, “People are getting more sophisticated,” she said.)
Although the report’s tally of the per employee cost of spam, $712 per year, also seems high, it’s down from a jaw-dropping $1,934 a year in 2004. (The dollar amount is calculated by figuring productivity loss as a percentage of a 2080-hour work year, at $30 an hour).
Many firms are becoming ever more proactive in their battle against spam. However, this more aggressive filtering has a downside: “a growing number of legitimate messages are blocked as spam or deleted,” the report found.
The survey found three spam filtering methods that are common among enterprises:
• A confirmation process which delays the message until the sender confirms that it is a legitimate message.
• A quarantine strategy in which spam is placed in a directory to be reviewed by recipients.
• A delete strategy that automatically removes messages that the filter judges to be spam, without user review.
Each of these approaches has its pitfalls. The confirmation strategy slows down communication, at least initially (once correspondents become trusted, they aren’t subject to this step).
In the quarantine strategy, Nucleus found that users spend an average of 4.5 minutes a week reviewing messages – a minor expense that adds up over hundreds of workers. The costliest strategy, based on survey findings, is to delete apparent spam; staffers spend an average of 7.3 minutes per week searching for valid emails that have been lost.
In short, an ideal solution that bears no cost doesn’t appear to be on the horizon.
In lieu of finding the prefect spam filter, business can demand greater accountability from related parties. Notes Wettemann: “Businesses need to go to their ISPs and the carriers of the spam, and have them take a closer look at ‘What are they doing at the overall infrastructure level?’ And maybe the FCC needs to be taking a closer look at how those public resources are being regulated and managed.”