SUNNYVALE, USA: Sixty-eight percent of service providers say outbound spam costs them up to $100,000 per year, according to a new research study “The Growing Problem of Outbound Spam” by industry analyst firm Osterman Research and Commtouch.
In the first ever comprehensive report on how outgoing messaging abuse affects service providers, the Commtouch-Osterman study surveyed ISPs, hosting providers, managed service providers and Internet portals around the world, asking specific questions regarding spam and scam email messages generated from within their networks. Exploitation of service providers’ networks to send unsolicited email can lead to customer loss, operational cost increases, brand damage and even potential lawsuits.
The research also surveyed end-users on how they perceive providers’ efforts in dealing with outbound spam.
”Service providers are starting to realize that dissatisfied customers, blacklisting and other problems caused by outbound spam are issues they cannot ignore,” said Michael Osterman, president and founder of Osterman Research. “By eliminating spam originating from within their networks, service providers can reduce their costs while improving the service levels they offer their customers.”
Highlights of the survey include these findings:
* 68 percent of service providers say outbound spam costs them up to $100,000 per year; 4 percent said it is costing them more than $250,000 per year. Costs due to outbound spam include such things as IT helpdesk and anti-abuse team time.
* Almost 40 percent of service provider respondents have had their IP addresses listed on Real Time Blackhole Lists (RBLs) in the past 12 months alone. RBLs are published lists of the addresses of computers or networks known to be sending out spam. A service provider may be “blacklisted” as a result of outbound spam, and thus have its customers’ legitimate email blocked by other service providers.
* Nearly 70 percent of service providers are in the process of evaluating solutions for their outbound spam problem. 50 percent expect to deploy a solution within the next 12 months.
-- 75 percent of service providers said deploying an outbound spam solution will help them to improve their customer service;
-- 78 percent of service providers surveyed said it is important or extremely important to identify the senders of spam within their networks as part of an outbound spam solution;
-- 80 percent of email users surveyed believe that it is important or extremely important that their service providers actively ensure that spam is not sent out from their networks.
Outbound spam is the spam generated within service providers’ own networks. The source of outbound spam can include compromised accounts, spammer accounts, and zombie computers.
The in-depth Outbound Spam Report discusses:
* How serious the issue of outbound spam is for service providers;
* How Internet Service Providers (ISPs), Web hosting companies and managed email providers are attempting to cope with the issue;
* The effectiveness of their existing solutions when it comes to protecting them from having their IPs blacklisted; and
* Essential capabilities and characteristics required of outbound spam protection solutions.
“Based on the results of this research study and our discussions with customers, many service providers that have tried to prevent outbound spam using various techniques are still suffering from false positives and poor detection levels,” said Asaf Greiner, Commtouch’s vice president of products. “The only way to effectively keep off of blacklists is to block outgoing spam while simultaneously targeting the sources of the problem – the spammer accounts, compromised accounts, and zombies.”
Commtouch recently launched an Outbound Spam Protection solution, which enables service providers to identify and block outbound spam caused by compromised user accounts, malicious users, and zombie computers. Commtouch’s solution provides real-time blocking of the outbound spam that is unique to each service provider, as well as identifying the spammers for the service providers’ abuse teams.