Best Practices How Do Spammers Make Money? By Graeme Caldwell | 4 minute read Why Do Spammers Spam? We all get spam from time to time, but I’d bet a vanishingly tiny number of the people reading this article have ever clicked on a link in a spam email. Even fewer will have bought something from the websites spam emails link to. So where’s the money in spamming? A Small Part Of A Billion Is Worth Having The sad fact is that sometimes people do click on those links, and they do buy the products the spam email is intended to advertise. The proportion is tiny—fractions of a percentage point. But a tiny fraction of a large number is not nothing. It doesn’t cost the spammer much to send a million emails, and if the return is more than they spend to send the email, then spamming becomes an attractive proposition. Think about it like this: of all the emails a spammer sends, most won’t be delivered; of those that are delivered, most won’t be opened (unless, of course, you’re James Veitch); that vast majority of people won’t click on the links even if they do open the email; and, if they do click on the links, most won’t buy the product being advertised — which is probably a scam anyway. But enough make it through to the end of the line to make spamming a viable proposition. Video via TED Spammers Don’t Spam On Their Own Behalf The people who send spam—the hackers, botnet owners, and online criminals—usually don’t spam on their own behalf. They operate spam networks, not product sites, ecommerce stores, and the like. The owners of such businesses may regard spamming as a legitimate marketing strategy, and so they pay the spammers to use their networks to spam, in the same way a legitimate business might pay AdWords to have advertising placed on the websites of prominent publishers. That puts a slightly different spin on the “does spam make money” question. From the perspective of the spammers, it matters less that spamming is an effective money generator. It just matters that their customers—the business owners—believe it is effective. Ransomware And Other Malware Infecting the world’s computers with malware can be lucrative venture. Phishing is a subset of spamming in which spammers send emails that look like they’re from a legitimate organization like a bank, but include links to malware sites or documents with payloads that exploit security vulnerabilities. The malware might be used to steal credit card details and other private information. Or it might encrypt the data on the machine and demand that the owner pay a ransom for the key. No One Likes Spammers Businesses that send and receive email try their hardest to prevent spam getting to users. That’s a problem for spammers. They have to constantly replenish their infrastructure, because if data centers, web hosting companies, and email providers find their resources being used to spam, they shut the spammers down. As a result, spammers are aggressive about finding server resources they can exploit. Businesses that offer email services are at risk of being victimized by spammers who want to use their infrastructure. MailChannels works with email providers and web hosting companies to ensure that spam is stopped before it hits the open web. Because it’s not practically possible to stop spammers from exploiting your resources, you need to identify spammers by watching the email they generate. MailChannels Cloud uses sophisticated algorithms and machine learning approaches to spot spam-like trends in the stream of outgoing email coming from your servers and applications. Discover more about MailChannels Cloud and how we can help to identify spam leaving your network—and stop it before it can damage your IP reputation. Now that we’ve talked about how spammers make their money, find out how they spend it in our post: How Cybercriminals Spend Their Money.