Fighting malware and spam

More than 50% of users regularly double-check for false positive spam filtering

Only 12% of users trust their spam filter sufficiently not to bother sifting through spam folder.

In a poll of more than 1,000 visitors to the VB website, 52% of users say they regularly check their spam folder for false positives, while only 12% of users said they never bother to check for legitimate messages misclassified as spam.

The subjective nature of spam (one person's spam may be another person's legitimate email), along with the ever-changing nature of spam as spammers come up with new tricks and techniques to bypass filters means that spam filters are unlikely to have 100% accuracy - indeed even the term 'accuracy' is considered to be flawed when it is used in reference to spam filters.

One might wonder, then, at the wisdom of the 12% of respondents who say they never check for false positives. Another 26% of respondents said that, while they check their spam folders, they only do so occasionally. Which of these policies is best depends on the spam filter used and the way in which it is configured, as well as on the nature of the email account in question: for personal correspondence, a missed email might simply be inconvenient, whereas a company that misses out a sales lead because an email was incorrectly identified as spam may lose important business.

In either case, it shows that spam is more than just an annoyance of the digital age. Missed emails could mean missed opportunities, but with more than 90% of email traffic estimated to be spam, many employers are equally concerned about the amount of time employees are having to spend on sorting the ham from the spam.

The full poll results can be found here.

An article describing the challenges in spam filter evaluation can be read here (pdf, p.21). And an article on measuring an marketing spam filter accuracy can be read here.

16 April 2008

Tags: false positives, spam, virus bulletin.    del.icio.us   digg this

4 comments

If you have to review your "spam" looking for false positives, you might as well review it in your inbox by not using an anti-spam product. It seems crazy to shell out money for a product that has zero net effect. If your organization has a spam problem, and your IT staff can't find a solution, you need a new IT staff.

If you have an accurate anti-spam product and your users still review their spam, policies should be enforced against it. Take away their ability to review the spam.

by Mark Adams, 17 April 2008, 19:50

Spam filters can be effective, but have limitations. Usually reviewing your spam folder takes but a few seconds to see if something triggered the false positive. For example when mom is going to Essex to visit auntie Carol., or your brother offers to LOAN you the hand truck to help you move. It's not like you have to read or even open all of it. Just scan the subject and/or sender.

by John Polkinghorn, 27 April 2008, 17:36

The author of this article apparently has never heard of spam blockers or spam filters. For my personal e-mail account I use Choice Mail (http://www.digiportal.com), which is an effective spam blocker. If a person is not on my whitelist the sender is directed to a website where they can send me a message that identifies them and, if approved, they are automatically added to my whitelist. For my business e-mail accounts I use Mail Washer Pro (http://www.firetrust.com) which they describe as a spam blocker but is technically an excellent spam filter.

by Charles Holley, 14 July 2008, 16:24

I say this ALL the time when giving presentations: "WHAT is the point of having a spam folder if I STILL have to go through it looking for lost emails."

A couple weeks ago Lee Gomes in the Wall Street Journal wrote that he found out that 46 percent of the emails that his filter was stopping was email that he wanted.

SPAM FILTERS WILL NEVER WORK. They are just a never ending arms race between the filters and the spammers.

ANYONE who tells you that they have a good filter is completly disillusioned. If you doubt this, I will prove it. Give me your email address and then check your email tomorrow. Any takers???

There is a simple answer that everyone is overlooking. A free EnterTo.com email address eliminates spam without filters and eliminates lost emails due to filters. Here is a video about it: http://www.youtube.com/watch?v=O1Nxfnv06ug

by Yumfy, 17 July 2008, 22:50

Leave a comment

Poll

VB2008