Although, there is no international consensus on a single definition of spam, the term usually refers to unsolicited or unwanted messages sent in large amounts and received in the e-mails’ inbox or bulk section of an individual’s account without any prior connection between the originator of the message and the recipient, and normally without the expressed consent or approval of the latter. Spam has evolved in the last years from being a minor nuisance to become an increasingly criminal and fraudulent problem to end users and computer networks alike. Spam surpasses technical, policy and regulatory measures and threatens the use and functioning of corporate, public and academic networks; it assists cybercrime, represents a threat to consumer confidence, and undermines the use of e-mail among Internet users.
Spam has increased more than double since the year 2000. Statistics from Security firms Symantec and MessageLabs estimate that spam is between 54% and 85% of all e-mail traffic. The 2006 figures from Sophos say 34% of spam relaying by continent came from Asia; 32% from Europe; and 24.2% from North America. Image based spam, which is one of the recent techniques used by spammers to evade anti-spam filters represents 25 to 45 percent of junk email according to Ironport Systems.
During the ITU-WSIS thematic meeting on Countering Spam held in Geneva, Switzerland from 7 to 9 July 2004, the Chairman reported that the estimated costs of spam to the global economy range in the amount of 25 US billion dollars a year, while the European Commission estimates that the cost of spam to Internet users worldwide is approximately 10 billion Euros per year. In 2005, Ferris Research estimated spam to cost €39 billion worldwide while Computer Economics calculated malicious software to cost €11 billion globally. Security firm Postini estimated that 7 billion spam emails circulated worldwide during November 2005.
Spam causes significant economy costs and losses in productivity for service providers, businesses, government, civil society, academic institutions and particularly to consumers. For instance, spam represents a problem for companies because not only will they have to invest more financial resources in information technology infrastructure, software and filters to control the amount of unsolicited messages employees receive on a daily basis but also because, it represents companies a lost of work productivity due to the fact that employees waste a long time checking and getting rid of spam messages, and in many occasions, employees open messages that contain viruses that infect or lower the functioning of corporate networks. Furthermore, spam represents a problem for both, Internet Service Providers (ISPs) and Internet Access Providers (IAPs) because they have to invest more on financial and human resources in order to offer better filtering messages techniques and solutions for their clients to avoid possible liability issues. And finally, spam represents a problem to consumers and end users because it invades their right to privacy; diminishes their trust and confidence on the use of the Internet, but more important yet, because consumers and end users bear a large part of the costs that ISPs and IAPs incur in improving spam filtering techniques and anti-virus software, which are usually reflected in the final costs of Internet access.
The majority of spam messages advertise goods or services that are of dubious quality or that contain deceptive & misleading offers and scams such as pyramid illegal schemes, multi-level marketing plans, false advertising, including pornographic and offensive material and gambling. Moreover, spam is used as a channel for the propagation of viruses and spyware, as well as to perpetrate other criminal illegal activities through “phishing” and “pharming” techniques, which are the fastest growing forms of consumer theft causing millions of dollars in losses to financial institutions and consumers worldwide. Spam is not a problem that originates only in personal computers; spam activities are now spreading to mobile phones, instant messaging services, weblogs and wireless networks.
Currently, there is no single solution to the spam problematic, and in fact, spam is such a complex cross-border issue that requires the adoption of a multi-dimensional and multi-stakeholder approach as recommended in the Anti-Spam Toolkit of the Organization for Economic Cooperation and Development (OECD). In order to curb spam effectively, a combination of multiple solutions is required such as: technical and standardization measures; legislation and regulatory policy initiatives; awareness raising, consumer education campaigns, industry initiatives and partnerships, international law enforcement cooperation, and coordination measures among countries overall.
The Declaration of Principles of the World Summit of the Information Society (WSIS) establishes the need to “take appropriate action at national and international levels” and the WSIS Plan of Action reinforces the said views and calls for further action against spam by all stakeholders at national and international levels, including organizations of the civil society.
Paragraph 41 of the Tunis Agenda of the Information Society “calls upon all stakeholders to adopt a multi-pronged approach to counter spam that includes, inter alia, consumer and business education; appropriate legislation, law-enforcement authorities and tools; the continued development of technical and self-regulatory measures; best practices; and international cooperation.”
Paragraph 42 expresses the need to “ensure Internet stability and security, to fight cybercrime and counter spam.”
NACPEC has created this section with the purpose to provide our visitors with relevant and update sources of information, documents, statistics, legislation, cases, organizations, publications, and links on spam and phishing.