- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
Network World - For Tracy Mooney (pictured), a married mother of three in Naperville, Ill., the decision to abandon cyber-sense and invite e-mail spam into her life for a month by participating in a McAfee experiment was a bit of a lark.
The idea of the Spammed Persistently All Month (S.P.A.M.) experiment — which fittingly started on April Fool's Day — was to have 50 volunteers from around the world answer every spam message and pop-up ad on their PC.
What would be the experience in 10 countries when everyday people, armed with a PC and e-mail account McAfee provided for the Global S.P.A.M. Diaries project, clicked through the spam and chronicled the results?
Mooney — who had observed the family's PC crippled just before Christmas by a virus — was game, especially because McAfee was giving a free PC to all participants. She was selected to be among the 50 volunteers picked by McAfee out of 2,000 people who applied to be part of the adventure.
By the time it was all over, after every bank-account phishing scam, Nigerian bank scheme, and offer for medication, adult content and just plain free stuff had been pursued. "I was horrified," says Mooney, a realtor by profession. "It's all snake oil. I'm amazed at what true junk is out there when you're clicking through on e-mail."
McAfee is releasing the results Tuesday of its free-wheeling month-long S.P.A.M. experiment, done largely to illustrate — if you didn't know already — how spam is connected to malware and criminal activity, not to mention some of the slimiest marketing ever devised. (Compare antispam products.)
Each S.P.A.M. volunteer saw an average of 70 spam messages arrive in their in-box each day, with men receiving about 15 more per day than women. That was a lot to answer, but "Penelope Retch" — the alias that Mooney chose for her S.P.A.M. adventure — answered every single message.
In her guise as Penelope Retch, Mooney answered the e-mail that came into her account. "I'd see an interactive spam, open it, click on it and asked to be removed. That would only make it worse," she says. "They'd say 'no.'"
Whether trying to win an iPod online, get free travel brochures, weight-loss tea or Maybelline eyeliner, the effect of entering a home address was extreme. Immediately, a deluge of mail landed at her doorstep, directed to the attention of Penelope Retch.
"One of the mail offers I got was a $7,500 credit card for Penelope Retch," Mooney says, noting that the sudden upsurge in junk mail left the neighborhood postman somewhat aghast. "It grew exponentially, so I stopped giving out my home address," she says, adding, "I am concerned about the environment."
Mooney clicked through on the phishing e-mails for fake Wells Fargo and other bank sites, sat back as the supposed government of Nigeria sought to give her an inheritance, and watched a foreign IP address go after a dummy PayPal account that had been set up as part of the S.P.A.M. experiment.
Overall, the most obvious result of the S.P.A.M. experiment was that the PC that McAfee had provided for the project noticeably slowed down, clogged up with spyware, Mooney says.
According to McAfee, which selected five participants from each of 10 countries for the S.P.A.M. experiment, the five U.S. participants received the most spam: 23,233 messages over the course of the month.
Brazil and Italy were in the 15,000-plus category, and Mexico and United Kingdom above 10,000. Australia, The Netherlands and Spain were in the 5,000 to 9,000-plus spam range. The S.P.A.M. volunteers in France and Germany got the least, less than 3,000 for the month. McAfee didn't even include what it calls "grey mail" (e-mail that arrived after participants signed up for a newsletter, for example) in this count.
Phishing e-mail accounted for 22% of the spam received by the Italian volunteers and 18% of the U.S. ones. In general, spam appears to still largely be delivered in English; French- and German-language spam were the only non-English spam to amount to more than 10% of spam received by the participants in France and Germany respectively.
Some oddball facts that emerged from the experiment are that fake Chase.com was the most common phishing e-mail spotted during the project, and that the British volunteers received the most Nigerian scam e-mail.
In addition to Mooney, the other S.P.A.M. participants also kept a blog about the experience, which some found amusing and others disturbing. One participant in Australia named Marika wrote, "I don't know whether I would feel safe to surf to that extent again. I tried to sign up for jobs that would generate an at-home income with what seemed like respectable sites, however these sites led to massive amounts of spam."
Read more about security in Network World's Security section.