The survey, conducted by Opinion Matters for GFI questioned 200 SMBs. It looked at respondents’ opinions about spam, their response to spam, and whether they had been adversely affected by spam. Unsurprisingly, almost 75% say they receive too much spam, and 61% say that they volume of spam they receive has increased over the last year.
More of a surprise, however, is that 46% of respondents rely solely on the anti-spam component of their anti-virus solution to filter out spam; and 70% say that their anti-spam solution is only marginally effective – or worse. Worryingly, as many as 14% of companies do not educate their staff on the dangers of spam.
The result is that as many as 40% of UK SMBs reported that they have suffered a data breach directly because of spam.
The original problem with spam was that it could include an attached file that included malware. But while most users have learned not to open unknown attachments, the current danger is with links included in the email itself. These links point either to a compromised website that redirects to a malicious site, or in disguised form straight to the malicious site itself. Here an exploit kit, such as Blackhole, attempts to infect the user.
GFI sees a correlation between the number of companies breached and the number of companies that rely on anti-virus for their anti-spam. “This research shows that the spam problem is not going away, and in fact, the delivery of malicious links and files makes it more dangerous than ever before,” said Phil Bousfield, general manager of GFI Software’s Infrastructure Business Unit. The solution, he believes, is multi-level email security comprising both on-site and cloud-based spam filtering.