I'm not totally surprised by these numbers (350 million messages, only 28 sales), but I am glad to see that there are people out there actually attempting to figure out what the true numbers are (as opposed to the tens of millions of dollars myth). Based on what the story says, spammers are potentially earning about $2 million a year. I suppose larger spammers could be earning 3 - 4x that (so, $6 - 8 million), and this obviously isn't chump change.
This study points out what we already know, though: there is a problem with email. The barrier to entry is too low which is both a blessing and a curse. It allows people communicate with ease, but it also allows people to send millions or billions of emails at little or no cost to them. Now, I know that these are hijacked computers, but the point remains that since it is so easy and cost-efficient to send email, it becomes profitable at virtually any scale because of the non-existent cost.
I'm not saying that we should charge for every email, since that may not be a viable solution (though it could work), but there does need to be something done besides continuously improving our spam filters.
Also, isn't the methodology used by the researchers technically illegal?
"The team used these machines to control a total of 75,869 hijacked machines and routed their own fake spam campaigns through them."
"The fake pharmacy site was made to resemble those run by Storm's real owners but always returned an error message when potential buyers clicked a button to submit their credit card details."
The ratio of emails sent vs. sales generated depends largely on the quality of the mailing list.
Professional mailers buy or lease mailing lists which are more less targeted and hence have higher return rates.
On the flip side you have mailers that scrape the web for emails so they have a lower acquisition cost but also a lower hit rate.
I'm not totally surprised by these numbers (350 million messages, only 28 sales), but I am glad to see that there are people out there actually attempting to figure out what the true numbers are (as opposed to the tens of millions of dollars myth). Based on what the story says, spammers are potentially earning about $2 million a year. I suppose larger spammers could be earning 3 - 4x that (so, $6 - 8 million), and this obviously isn't chump change.
This study points out what we already know, though: there is a problem with email. The barrier to entry is too low which is both a blessing and a curse. It allows people communicate with ease, but it also allows people to send millions or billions of emails at little or no cost to them. Now, I know that these are hijacked computers, but the point remains that since it is so easy and cost-efficient to send email, it becomes profitable at virtually any scale because of the non-existent cost.
I'm not saying that we should charge for every email, since that may not be a viable solution (though it could work), but there does need to be something done besides continuously improving our spam filters.
Also, isn't the methodology used by the researchers technically illegal?
"The team used these machines to control a total of 75,869 hijacked machines and routed their own fake spam campaigns through them."