Marci De Vries, a Baltimore marketer, won't open her e-mail in front of clients, fearful that they'll think she's a pervert when they see some of the subject lines on her screen.
Shamik Ghosh, a Laurel business developer, has to delete junk mail from his
wife's account when she's out of town so the deluge of spam doesn't crash the
And Deborah Tillet, president of a Hunt Valley gaming company, is so fed up
with spam, she's considering not giving her e-mail address to "anyone ever
Rife with spam and scams, e-mail has reached the point of surrender for
many. When Bill Gates proclaimed this year that spam would be gone by 2006,
raised eyebrows and much skepticism greeted his prediction.
But that target might not be so far off, industry executives say.
Technology companies began joining forces this year to develop a
counterattack. Recent government actions, including an anti-spam law in
Maryland that took effect this month and is regarded as one of the nation's
toughest, also point to a growing recognition of the need for a solution.
"I think you'll see some real changes within three years," said Deborah
Fallows, a researcher with the Pew Internet and American Life Project in
Just as phone solicitations mushroomed after the telecommunications reform
act of the mid-1990s, interrupting dinners and forcing the advent of a
national Do Not Call list a year ago, e-mail is reaching a "crisis," as one
member of the Federal Trade Commission put it.
E-mail spam and fraud are harder to corral than telemarketing, however. The
volume of messages is much greater, and it's easier for senders to conceal
their identities or addresses.
The trade commission decided last summer not to pursue a "Do Not Spam"
list. It concluded that spammers would use the list as verification of real
e-mail addresses to which they could send solicitations for everything from
real estate loans to erectile dysfunction drugs.
"The volume of spam is growing at astonishing rates," FTC Commissioner
Orson Swindle has said. Though estimates differ, experts generally agree that
spam -- the nickname given to most unsolicited electronic pitches, including
illegal scams -- now makes up between 70 percent and 80 percent of all e-mail,
up from about 10 percent just three years ago and about 30 percent last year.
Forged e-mail has also become more prevalent and sophisticated. By using
fake Web sites and logos that resemble familiar financial services companies,
e-mail "phishers" have become more convincing in luring consumers to respond
with their personal financial information, which is then used to raid their
accounts. While many people have learned to be skeptical of messages in their
inboxes, 1.4 million people divulged confidential information in cases of
e-mail fraud last year, according to the Gartner Group research firm.
Phishing has increased 17-fold since December, to nearly 2,000 different
scams, according to the Anti-Phishing Working Group, an industry association
fighting cyber crime. Among corporate targets, New York financial giant
Citibank has been hit hard, with nearly 700 false requests for data purporting
to be from the company popping up in July.
Two main factors have fed the spam explosion: the global nature of the
Internet and greed. As more nations have become Internet-savvy, their spammers
have joined the pool. And e-mail crime too often pays. It costs less than a
penny to send an e-mail, and about one-third of e-mail users respond to the
unsolicited ads, the Pew Internet and American Life Project reported.
Filters to block spam, installed by businesses or individuals on their
computers, have provided some help, but they have spawned their own problems
by rejecting legitimate e-mail, such as receipts for online transactions,
newsletters or advertising from companies with which consumers have a
relationship. John Karpovich, president of Port25 Solutions Inc., an Ellicott
City technology company working on a solution, estimated that nearly one-fifth
of legitimate e-mail is accidentally blocked by anti-spam filters.
"I use a spam software package that is 99 percent accurate at detecting
spam and puts it into a special folder, but I still have to look at each [one]
to ensure that it isn't from an associate or sales prospect," Jason Hardebeck,
chief executive of WhoGlue Inc., a Baltimore software company, wrote in an
e-mail. "I still end up spending an extra 45 minutes to an hour a day
verifying that I'm not throwing the baby out with the bath water."
Several Internet service providers -- including Microsoft, Yahoo Inc. and
America Online Inc. -- are working on developing ways to verify the identity
of an e-mail sender so spammers can be found and prosecuted. But devising
universal remedies is difficult: The Internet Engineering Task Force, a
standards-endorsing body, rejected a Microsoft proposal as a global remedy
last month partly because the company wanted to keep the intellectual property
The FTC said it would prefer the industry choose a standard, but said it
will step in and impose one if necessary. The trade commission is meeting next
month to discuss future steps.
Three identification methods that promise different ways of weeding out
messages with fake return addresses are being tested.
America Online is exploring ways to verify that the address listed on an
e-mail's "envelope" -- the internal data concealed from the viewer -- is
authentic. Microsoft is working on verifying that the address listed in the
"from" line of an e-mail message is true. Meanwhile, Yahoo is trying to
authenticate the message itself through a digital signature, the equivalent of
an e-mail fingerprint. Initiatives are also under way that would rank a
company's reputation according to its e-mail etiquette, like eBay traders get
ranked by the past reliability of their wares.
"All of us here collectively in the industry, we're just testing," AOL
spokesman Nicholas Graham said. "We're asking others to be patient. ... It
does take time to get it right."
One of the toughest state laws to fight spam and e-mail scams took effect
this month in Maryland, threatening fines of up to $25,000 and penalties of as
much as 10 years in jail. It's similar to the federal Can Spam Act that took
effect in January. But lacking a way to verify the sender, legal remedies ring
hollow, some experts say.
"There's not a shortage of legislation saying that `spamming is bad,'" said
John G. Palfrey, executive director of the Berkman Center for Internet and
Society at Harvard Law School. "But the question is really one of enforcement.
Are you able to enforce the laws that are on the books? ... One very big fear
about spam is it will turn off people from electronic commerce and using
e-mail in general."
Introduced in 1971, electronic mail was used initially by people within
government, universities and research institutions -- people who knew and
generally trusted each other, or at least the content within one another's
messages. But once e-mail went mainstream in 1993, the medium's wide reach and
ease-of-use also made it susceptible to cons and come-ons. The exponential
growth of the problem is driving the hunt for a solution.
Until one is found, people must wrestle with the awkward adolescence of a
technology that has transformed communications.
"Ninety percent of my e-mails are spam, and I receive a total of 200-plus a
day," Gloria Berthold, an executive of Marketing Outsource Associates Inc. in
Elkridge, wrote in an e-mail. "I am definitely deluged with spam and not happy
about it. I would love to eliminate all the drugs, insurance, pornography and