The Phishing Market — Money For Both Sides

Is phishing a phlash in the pan?

No, says the the Radicati Group, Inc., in its new report, “E-mail Anti-Phishing and Anti-Fraud Market Trends 2004-2008”, which “provides market size, market share, four-year forecasts, technology trends, key solutions, and competitive information for the emerging e-mail anti-phishing and anti-fraud software market”. Phishing, it appears, is big business whichever side of the fence you’re on.

On the one hand, phishing attacks will only grow. The Radicati Group, a “Consulting and Market Research Firm specializing in all areas of Messaging & Collaboration, Directory Services, Provisioning & Identity Management, Security, Unified Messaging & Communications, and Wireless”, says that the number of unique phishing attacks worldwide will grow 115% from an average of 51 unique attacks per month in 2004, to 110 unique attacks per month by 2008.

That means lots of money for the phishers. But it also means a fair chunk of money for anyone in the still infant “e-mail anti-phishing market”. Radicati divides the market into two segments: “E-mail Anti-Phishing solutions which protect consumers from divulging personal information to criminals, and Anti-Fraud solutions which protect an organization’s brand, trademark and website from fraud.” Overall market value of this particular niche? A precise $202 million this year, but “growing to over $880 million by 2008”.

I’m not sure how you can predict something like this, given most people hadn’t heard of phishing a year ago. I’m skeptical: I think phishing will evolve into other forms of identity and financial theft and that what we now think of phishing won’t really exist in a year’s time. But I’m probably wrong.

News: Spam Stats Galore

  If it’s one thing we’re not short of, it’s spam stats. Here are two more, fresh from the PR newswire:
Clearswift, “the world leader in managing and securing electronic communications” (I’ll be honest, I hadn’t heard of them until today), has this week launched a Spam Index, in which it has found that “in contrast to recent reports that have suggested pornographic spam
constitutes 60-80 percent of spam, Clearswift’s Spam Index shows that pornographic spam is found only 22 percent of the time. Instead, the largest proportion of spam – 23 percent – was distributed by companies selling direct goods.”
Also, a study released the same day by The Radicati Group Inc., “a leading independent market research firm” found that email traffic has grown 80% over the past year, most of which it blames on spam, which it said represents 24% of total corporate email traffic.
Email size, it says, is also on the rise.  Larger and more frequent use of attachments are the primary culprits for this trend. The full press release is only available in Acrobat PDF format.
My tuppence: Radicati’s figure for total spam proportion seems way too low. And while I’d agree with Clearswift that porn does not dominate spam — I’m not sure where they got their figures, but their website press release headline blames a “sensationalizing media” for it — there seems to be a reason to be somewhat suspicious of their motives for telling us all this. Telling is a paragraph on their website press release that offers a spin on things:
Although it only takes one pornographic email to cause offence and land an organization in litigation for harassment, the level of unsolicited email that falls into the ?healthcare? and ?direct goods? categories suggests the problem of filtering spam is more complex than simply blocking profane and pornographic emails. Deciding whether or not an email is spam ultimately comes down to whether or not it is the result of a well executed and highly targeted email marketing campaign. The ability to deploy flexible spam filtering solutions that can take into account personal preferences will be vital in the fight against spam.
To be frank I’m not sure what this means. I think it means: not all spam is spam, some of it is ” well executed and highly targeted email marketing campaign”, and good spam filtering solutions deployed by corporates shouldn’t block all of it because some people might want this stuff in their inbox. I would have thought a company would want to keep out any junk that’s not specifically requested by an employee, especially if it’s for anti-ageing cream or Viagra. Odd, very odd. Can anyone explain this?