Thursday, July 9, 2009
I'm pleased to present you with my first ever, terribly non-scientific spam survey. I reviewed 1010 spam messages collected over the course of a month from two domains that I manage. I reviewed each message and categorized it based on the text-only content. I did not open attachments, and I certainly did not follow URLs.
The reason this is non-scientific is because:
1. I failed to collect several key points of data including the actual time range the messages are from.
2. There's an excellent chance that many messages were zapped by my server-based spam filtering thus reducing the range of categories seen here
3. Virus spam isn't represented at all: virus-laden mail never hits my inbox because the server-based filter catches some and my anti-virus software (Trend Micro Internet Security) catches the rest
4. The email client I used for these domains (Mozilla Thunderbird) doesn't always categorize spam properly and I regularly just delete it from my inbox rather than take the time to recategorize the messages as spam so the filter improves. This ensures that spam messages were lost rather than included in the survey.
5. The email addresses are on commercial domains so there aren't any "drive by" spam messages that you'd see on Yahoo, Hotmail or even Gmail now. These would be messages that spammers send by automatically generating (geek-speak for "guessing" using a program) email addresses.
Enough nonsense, on to the results: