Tinotopia (Logo)
TinotopiaLog → The Economic Fallacy of Spam ( 6 May 2003)
Tuesday 06 May 2003

The Economic Fallacy of Spam

The conventional wisdom — you see this repeated all the time in the news — is that spamming is a business like any other, if a bit more annoying. That, yes, the response rates are incredibly low, but that this isn’t important because the cost of sending out millions of e-mails is almost nil.

The Wall Street Journal this morning characterizes (subscription required) it this way:

It’s as if the post office offered a small business free postage and same-day shipping for 100 million brochures. What fool wouldn’t jump at the offer, particularly if everyone else was already doing it?

The Journal is usually better at understanding economics than this.

To begin with, sending out spam is not free. It’s nowhere close to free. Sending out the volumes of mail that people associate with spam is actually a fairly expensive proposition. You’ve got to buy a computer — multiple computers, if you’re going to send out 100 million e-mails — software, the mailing list itself, and network access.

Oh, and that network access is going to cost you, in money and especially in effort, because you’re going to have to switch providers every day or two as you get banned for sending out spam.

You also have to write the pitch, have something to sell, have a way to collect payments, and, if you’re selling something physical, have a way to ship it.

After all that, yes, the marginal cost of sending a single e-mail is close to nothing. This does not mean that someone selling one $29.95 penis lengthener after sending out a million e-mails is going to make much (or any) money in the end.

Let’s look at what the spammers are trying to sell: over the weekend, my main e-mail account got spam in nine distinct categories:

6Find out anything about anyone
5Penis enlargement
5Reverse aging/HGH/feel younger
5Get-rich-quick schemes
3Shady prescriptions
2Mail-order degrees
9other (includes eBay scams, Iraq most-wanted cards, catalog scams, miracle flashlights, sexual stamina boosters, credit card scams, random software offers)

Anyone who is at all familiar with spam will note that these are the same things that have been heavily spamvertised for the last year, at least. And the porn ads, the most numerous and the only ones that seem likely to draw repeat customers (after all, once you’ve found a good source for your PhD. or your generic Viagra — some places sell both in a package deal — you’re likely to stick with the people you know), generally aren’t advertising porn websites at all, but rather websites filled with pay-per-impression ads for other websites that offer dozens of pay-per impression ads for etc., etc. ad infinitum.

It’s unlikely that anyone is making any significant money off any of this stuff any more, if they ever did. Most of the people who are interested in these particular products will have bought them the first time they saw the ad for them, or the second, or… the hundredth. Sure, a few people who have been living under a rock will keep buying now and again, but by and large these products either are outright scams or are not in demand to begin with. If these things were actually in demand, they’d be selling them down at Wal-Mart. (The few spamvertized products that are in demand, like mortgages, are tainted by their association with spammers; the value of a mortgage offer from Sarah81234@hotmail.com is nowhere near the value of a mortgage offer from a legitimate financial institution.) And besides all that, these products have been marketed to death already.

It’s been suggested that the main product of spam is… spam. That is, the spammers make their money by selling e-mail addresses to other spammers. The majority of the spam you get isn’t trying to sell you anything at all, but rather just trying to see whether your e-mail address works. When you’re sent an HTML spam with pictures in it, the spammer can see whether a particular image was loaded from their web server. If the image that was encoded into a spam sent to your address was loaded, it can be assumed that someone is reading that mail. The address is verified, and thus more valuable.

This would indicate that the main fuel for the spam industry to expand and indeed to survive is gullibility. If selling addresses make the spam world go ‘round, then the industry would need regular and large infusions of capital from the outside world, or nobody would make any money at all.

If addresses and not dollars are the main product of most spams, then spam will continue only as long as those addresses are valuable; and those addresses will be valuable only as long as new people continue to enter the industry believing that they’ll be able to make money. And here’s the odd thing: the constant media coverage of how pervasive spam is, and how hard it’ll be to ever stop spam because it’s sooo lucrative feed the spam industry. People who don’t know anything about economics read in the Wall Street Journal that it’s possible to “make money” with a response rate of one in a million, and they head out to buy a mailing list.

For a lot of them, I think it eventually becomes a game, a test of their wits to see how many spams they can manage to get past anti-spam filters, ignoring whether or not getting an ad to someone who is deliberately trying to avoid it, and thus not likely to buy whatever it is you’re selling, is worth the effort.

There are, to be sure, some people for whom spamming works financially: people already in some kind of mail-order business where the competition is so fierce that you can’t afford to worry about your reputation (I’m thinking mail-order pharmacies and porn here, among other things), and there are some people like this guy who make money by acting as spam cannons, people who sell spamming software, and people who sell mailing lists on a large scale. Only the legitimate direct merchants — legitimate here meaning not people selling generic Viagra out of their basements — stand to benefit from spam in the long run, and even them I’m not so sure about. The rest of them I predict will eventually get out of the practice — and I’m figuring that before assessing the cost of dealing with deliberate anti-spam efforts, which are proliferating.

In the meantime, we’re sure to see increasingly desperate measures by spammers attempting to get their ads past increasingly-sophisticated filters, and some high-profile battles on Court TV as the laws evolve and prosecutions of spammers increase. Here’s to hoping that the news media will begin to critically examine the economics of spam, rather than repeating the tired old line about response rates.

(N.B. If you send me mail about any of this, be sure to include the word “NOSPAM” in your subject line; mail mentioning many of the topics here gets filtered into the spam bucket.)

Posted by tino at 08:39 6.05.03
This entry's TrackBack URL::

Links to weblogs that reference 'The Economic Fallacy of Spam' from Tinotopia.

I think that utimately spam will collapse, but not in the way you state. The spam that I have received and investigated has been a bit different that what you describe. For a while I was receiving two spams a day from a firm in China that sent spam for their client companies. The messages referred you to a website for the clients, which was again run by the Chinese firm. All the clients were American. What I think will happen is that the Chinese firms expenses will continue to go up(constantly installing new T1s), which will be passed along to their client companies. At some point the clients will decide that the cost/response ratio will become too high, and will stop employing the firm. Hence spam will collapse.

Posted by: RRP at May 7, 2003 08:41 AM

I agree with your article but I think one important point is missing. Spammers sometimes send out spam not to sell but to assemble an army. I’m not talking about people who opt out and confirm their identity, I’m talking about auto generated spam that encodes your email address in a image link or something from which they can tell if you opened an email (even if you just highlighted it to delete it)

From this information they can sell your email address again and again (once you get on a list it is all over) or send you spam formatted to take advantage of known exploits in an attempt to turn you into a zombie (which is unfortunately pretty easy).

As for encoding unique id info into a piece of spam, I’ve commonly seen them embed it in a image link that points to .cgi. The info would be in their webserver log and figuring out which addresses are real becomes trivial even if a user doesn’t click the link.

Most people don't patch and don't understand what a firewall is so it is downright simple to assemble an army of zombie bots and generate click traffic to any site the spammer wants. I think some of the most outrageous spam (is their really such a market for bestiality?) is engineered just to get a reaction out of people so they visit a link to complain etc. A lot of this spam is devoid of info and just begs a user to go to the site to complain (exactly what the spammer wants since they can then take advantage of the vulnerability of the day).

They don’t need to sell products to make money. They just need to fool companies into thinking their advertising works (even if it is just a trojan process on a CPU that is generating the click). Having 50,000 zombie slaves you can call up at any time to do anything you want (even if they can’t buy) greatly simplifies the process.


Posted by: Matt Ramadanovic at March 7, 2004 04:32 PM