The Dark Side of Email

The Hutch Report

The invention of e-mail created huge efficiencies in the world. Messages that used to take weeks to receive now arrive instantaneously. However, with every great step foreword there always seems to be a portion of the population that embraces the dark side of innovation.

Mail promotions at one point used to be expensive. Even if a company did have a large address list, they still needed to print out their flyers, pay for postage to have them delivered or pay someone to deliver them. After that, there was no easy way to judge the success of the mailing campaign. It was not a viable marketing strategy for many businesses to embrace.  E-mail changed all that. It became easy to send out hundreds of thousands of emails to strangers, not once but as many times as desired at next to no cost.

As hard as I have tried to filter spam, as it has become to be known, still infiltrates my inbox. No filters have been strong enough to eliminate all of them. Spam is not a simple problem, and the chances that we are able to eliminate it completely one day are quite low. It is a cat and mouse game whereby for every measure taken to eliminate spam there is a counter measure taken by spammers to increase their distribution efficacy. Unfortunately, spammers have only begun to explore the range of options and techniques open to them, and this digital waste is inevitable in any open system of communication.

On May 3, 1978, Gary Thuerk, a marketer for the Digital Equipment Corporation, sent out his message to 393 of the 2600 people on ARPAnet, the DARPA-funded so-called “first Internet.” His motivation was effectively to sell something. He was selling Computers, or more specifically, information about open houses where people could check out the computers. By taking this action he annoyed a lot of people but worst, he also had some success. Although not many, but a few recipients were interested in what he was promoting. That was enough to validate the action.

On April 12, 1994, husband and wife team of lawyers, Laurence Canter and Martha Siegel sent out what became known as “The famed Green Card Spam incident.”  They bulk posted, on Usenet newsgroups, advertisements for immigration law services.  The couple defended their actions citing free speech rights.  They later wrote a book titled “How to Make a Fortune on the Information Superhighway“, which encouraged and demonstrated to people how to quickly and freely reach over 30 million users on the Internet. This incident is noteworthy as it marked the beginning of the flood of spam.

These two incidents have been well documented but it is to merely to impress upon you how long the problem has been around. Today,  statistics show, as of the most recently reported period, spam messages have accounted for 59.56 percent of e-mail traffic worldwide. According to, in 2016, the United States accounted for the majority of unsolicited spam e-mails with 12.08 percent of global spam volume. The most common types of spam e-mail were healthcare and dating spam.

Initially, I thought that I could avoid a large part of unwanted e-mails by creating a dedicated e-mail address that I would use solely for reputable services that I sign up for.  Then, strangely enough, this email seemed to be showing up in my inbox but attached to a number of services and products that I never signed up for.

So how did they get my email?  Not surprisingly, spammers are very resourceful and have come up with a variety of ways over the past 20 years which include the following methods but not limited to:

Buying illegal lists – There have been an increasing number of high profile hacking events where millions of emails have been stolen from company servers and ISPs.  In addition, there have also been incidents where dishonest employees of ISP’s will sometimes download information directly from their work servers. These e-mail lists then find there way onto the open market where they are sold to spammers.

Harvesting programs – Also known as “crawl and scrape” programs, are also commonplace. Any text on a web page that contains “@” character is fair game for these programs, and lists of thousands of addresses can be harvested within an hour via these robotic harvesting tools. While harvesting requires a lot of bandwidth, it is simple: Simply download the right pages from select Web sites and extract the e-mail addresses that are available. There are a variety of these programs available that may be employed:

  • Web spiders: Spammers employ Web crawlers and spiders that harvest e-mail addresses from Web sites. It’s common for Web sites to include mailto: URLs as well as unlinked user@domain addresses. These Web spiders are not unlike the spiders and Web crawlers used by Yahoo, Google, and others that scan the Internet’s Web sites in order to keep Web search indexes fresh. If your e-mail address if visible on your website then you are a target.
  • Newsgroups: This is simply extracting e-mail addresses from Usenet newsgroups with a simple shell or Perl script.
  • Groups, blogs, and discussion boards: Yahoo! and Google have their groups and mailing lists, many of which make their members’ e-mail addresses available. There are thousands of blogs and discussion boards that contain easily acquired e-mail addresses.

Test messages – In this method, spammers send test e-mails to recipients whose addresses they simply guess.  They conclude that if they do not receive a nondelivery receipts (NDRs) back from the domain that the e-mail address must be legitimate. However, more servers are now opting out of sending NDRs to avoid this.

Unsubscribe links – Many spam messages include an opt-out or unsubscribe link so that the recipient can request not to receive more spam. However, often the real purpose of unsubscribe links is to confirm a valid, active e-mail address. If a company has purchased your e-mail you could still unsubscribe and take yourself off the list, however, if the company is not legitimate then you are simply confirming to them that your e-mail is valid.

Malware – Spammers sometimes use Trojan horses, viruses, and worms to extract e-mail addresses from individual user’s computers.

Dictionary programs – These products will generate alphabetic/numeric combinations of addresses in sequence. While many of the results are incorrect, these dictionary programs can create hundreds of thousands of addresses per hour, guaranteeing that at least some will work as targets for spam.

Curiously, in my inbox, I often find legitimate companies advertising their services. Therefore, these companies have either purchased a stolen or harvested list. So that gets me thinking about the company that purchases such a list. Do they have a marketing department that has actually promoted such a strategy?

According to a study conducted in 2008 by researchers at the University of California, Berkeley and UC, San Diego, it was found that spammers were getting a response just once for every 12.5 million emails they were sending — a response rate of 0.000008% (Despite that, though, spammers were still able to turn a profit). That’s a miserable response rate, and well below the 2.15% rate that legitimate direct mail companies report. However, spam is still considered cheaper than legitimate marketing when working at the spammers scale, and can apparently still be effective at generating profits. Therefore, many companies still attempt to employ these strategies.

In this New Economy, too many companies are focusing on promoting “digital marketing” strategies that will hopefully get as many people to their storefront as possible. Yet there is obviously too much focus on “digital” and not enough on “marketing”. You can see it in your mailbox daily. Products and services that don’t apply to me still target me. It is purely a carpet bomb approach.

These companies should start asking different questions if they want to remain viable. Instead of asking, “How can we push as many people as possible towards our storefront,” they should be asking,  “what is the customer’s problem and how can we add value towards helping solve it?”

Great products and services that add value will always get noticed. This will breed a force of fanatical users and fanatical users are the best sales force any company can have, and more effective than any spamming campaign could ever hope to be. Just ask a company like Apple.

The Hutch Report

Author The Hutch Report

More posts by The Hutch Report

Join the discussion One Comment