Consumers Don't Relate Bot Infections to Risky Behavior as Millions Continue to Click on Spam

By Messaging Anti-abuse Working Group maawg, PRNE
Tuesday, March 23, 2010

MAAWG 2010 Email Security Consumer Survey Expands to North America and Western Europe

SAN FRANCISCO, March 24, 2010 - A significant percentage of consumers continue to interact with spam
despite their awareness of how bots and viruses spread through risky email
behavior, according to the Messaging Anti-Abuse Working Group (MAAWG) based
on a new survey it released today covering North America and Western Europe.
Even though over eighty percent of email users are aware of the existence of
bots, tens of millions respond to spam in ways that could leave them
vulnerable to a malware infection, according to the 2010 MAAWG Email Security
Awareness and Usage Survey.

(Logo: )

In the new survey, half of users said they had opened spam, clicked on a
link in spam, opened a spam attachment, replied or forwarded it - activities
that leave consumers susceptible to fraud, phishing, identity theft and
infection. While most consumers said they were aware of the existence of
bots, only one-third believed they were vulnerable to an infection.

"Consumers need to understand they are not powerless bystanders. They can
play a key role in standing up to spammers by not engaging and just marking
their emails as junk," said Michael O'Reirdan, MAAWG chairman.

"When consumers respond to spam or click on links in junk mail, they
often set themselves up for fraud or to have their computers compromised by
criminals who use them to deliver more spam, spread viruses and launch cyber
attacks," O'Reirdan said.

The research findings on awareness of bots, email security practices, and
attitudes toward controlling spam were generally consistent with the first
MAAWG consumer survey in 2009 covering North America. The new 2010 survey was
expanded to cover Western Europe and looks at consumers' attitudes in Canada,
France, Germany, Spain, the United Kingdom and the United States.

It Won't Happen to Me Syndrome

Less than half of the consumers surveyed saw themselves as the entity who
should be most responsible for stopping the spread of viruses. Yet, only 36%
of consumers believe they might get a virus and 46% of those who opened spam
did so intentionally.

This is a problem because spam is one of the most common vehicles for
spreading bots and viruses. The malware is often unknowingly installed on
users' computers when they open an attachment in a junk email or click on a
link that takes them to a poisoned Web site, according to O'Reirdan.

Younger consumers tend to consider themselves more security savvy,
possibly from having grown up with the Internet, yet they also take more
risks. Among the survey's key findings:

    - Almost half of those who opened spam did so intentionally. Many wanted
      to unsubscribe or complain to the sender (25%), to see what would
      happen (18%) or were interested in the product (15%).
    - Overall, 11% of consumers have clicked on a link in spam, 8% have
      opened attachments, 4% have forwarded it and 4% have replied to spam.
    - On average, 44% of users consider themselves "somewhat
      experienced" with email security. In Germany, 33% of users see
      themselves as "expert" or "very experienced," followed by around 20% in
      Spain, the U.K. and the U.S.A., 16% in Canada and just 8% in France.
    - Men and email users under 35 years, the same demographic groups
      who tend to consider themselves more experienced with email security,
      are more likely to open or click on links or forward spam. Among email
      users under 35 years, 50% report having opened spam compared to 38% of
      those over 35. Younger users also were more likely to have clicked on a
      link in spam (13%) compared to less than 10% of older consumers.
    - Consumers are most likely to hold their Internet or email service
      provider most responsible for stopping viruses and malware. Only 48% see
      themselves as most responsible, though in France this falls to 30% and
      37% in Spain.
    - Yet in terms of anti-virus effectiveness, consumers ranked themselves
      ahead of all others, except for anti-virus vendors: 56% of consumers
      rated their own ability to stop malware and 67% rated that of
      anti-virus vendors' as very or fairly good. Government agencies,
      consumer advocacy agencies and social networking sites were among those
      rated most poorly.

The survey was conducted online between January 8 and 21, 2010 among over
a thousand email users in the United States and over 500 email users in each
of the other five countries. Participants were general consumers responsible
for managing the security for their personal email address.

Both the survey's key findings and the full report are available at the
MAAWG Web site, The 2010 research was conducted by
Ipsos Public Affairs, and the full report includes country comparisons for
many of the questions along with detailed charts.

About the Messaging Anti-Abuse Working Group (MAAWG)

The Messaging Anti-Abuse Working Group (MAAWG) is where the messaging
industry comes together to work against spam, viruses, denial-of-service
attacks and other online exploitation. MAAWG (
represents almost one billion mailboxes from some of the largest network
operators worldwide. It is the only organization addressing messaging abuse
holistically by systematically engaging all aspects of the problem, including
technology, industry collaboration and public policy. MAAWG leverages the
depth and experience of its global membership to tackle abuse on existing
networks and new emerging services. Headquartered in San Francisco, Calif.,
MAAWG is an open forum driven by market needs and supported by major network
operators and messaging providers.

Media Contact: Linda Marcus, APR, +1-714-974-6356,,
Astra Communications

MAAWG Board of Directors: AOL; AT&T (NYSE: T); Cloudmark, Inc.; Comcast
(Nasdaq: CMCSA); Cox Communications; Eloqua; France Telecom (NYSE and
Euronext: FTE); Goodmail Systems; Openwave Systems (Nasdaq: OPWV); Time
Warner Cable; Verizon Communications; and Yahoo! Inc.

MAAWG Full Members: 1&1 Internet AG; Apple Inc.; Bizanga LTD; Cisco
Systems, Inc.; Constant Contact (CTCT); e-Dialog; Experian CheetahMail;; Internet Initiative Japan, (IIJ Nasdaq: IIJI); McAfee Inc.;
NeuStar, Inc.; PayPal; Return Path, Inc.; Spamhaus; Sprint; and Symantec

A complete member list is available at

Linda Marcus, APR, +1-714-974-6356, lmarcus at, Astra Communications, for MAAWG

will not be displayed