Ferris Research recently predicted that there would be 40 trillion spam messages sent this year. It would seem then, that we have a continuing problem on our hands, especially since spam has morphed from simple, but annoying, advertisements to Trojan horses and links to malware-infected web sites. The focus of spam has changed. Five years ago, spam was designed to sell us something; today, it is designed to steal something from us. Spam is no longer just a cheap tool used by a two-bit marketer to peddle get-rich-quick schemes; it is now used by organized criminals in pump-and-dump stock schemes, to sell illegal goods, or to steal passwords and account numbers.

Wasn’t there supposed to be legislation to help eliminate spam? Remember the CAN-SPAM Act? It didn’t seem to have done its job. Oh, yes, it did make spamming illegal, and there have been a few high-profile cases. Some heads have rolled. But the spamming continues unabated, and in fact, has increased tenfold over the past five years since the Act was first passed. This week, Network World ran a review of the CAN-SPAM Act and what went wrong, noting that when the bill was passed, 45 percent of emails were spam. This outrageous number triggered the passage of the CAN-SPAM Act. Yet today, 97 percent of emails are spam, and there were 164 billion spam messages sent during the month of August.

CAN-SPAM has in fact, done very little to stem the tide of spam. Of course, it did have some positive results; it set a standard for those who want to follow the rules. Legitimate companies now have a set of guidelines to abide by, and conduct their online marketing campaigns in a respectable manner. But for those who don’t care about the rules, it’s easy to run and hide. To be sure, if a notorious spammer is caught, they can be prosecuted under the act, but it’s no easier today than pre-CAN-SPAM to find and catch the bad guys. And because this is a piece of American legislation, it doesn’t apply to the spammers that are in Russia, China, or other countries.

Part of the reason for the spam explosion is the increased reliance on botnets, which generate huge volumes of spam email.

In fact, the CAN-SPAM Act is well-intentioned, even though it did not stem the massive flow of spam. In retrospect, it’s obvious that doing so would have been impossible. The biggest part of the solution is in education and preventive technology. People are still falling for the scams and come-ons, and we need to work harder to get the word out. We in the technology industry are pretty well-informed, but the rank-and-file people out there might not have gotten the memo.

Hey, I just checked my email, and a barrister in Nigeria just told me that my dead relative had a million dollars due from the government and that they’ll be sending me a check soon, and all I have to do is send them my bank account number!