Seventeen million Americans who use services like America Online's Instant Messenger and Microsoft's MSN Messenger have received unsolicited commercial messages through the services at least once, according to a survey released today by the Pew Internet & American Life Project. That amounts to one third of the 52 million adults who use the Internet communications software, according to Pew Internet Executive Director Lee Rainie.
"The people who brought you spam ... are trying to figure out whether this is a cash cow," Rainie said. "It's an iron law of modern capitalism that wherever people are gathered, commercial messages will eventually intervene."
The results are based on a nationwide poll conducted by telephone from Jan. 13 to Feb. 9. The study did not include children under the age of 18, widely considered to be one of the largest groups of instant message users. Rainie said that the number of people reporting they had received unsolicited instant messages, often referred to as "spim," would have been higher if the survey had included minors.
The amount of spim went from being almost zero in 2003 to being just under 5 percent of all instant messages sent in 2004, according to Francis deSouza, co-founder and chief executive of IMLogic, a Waltham, Mass.-based instant messaging software developer for businesses. He said that number will be closer to 8 to 10 percent by the end of 2005.
IMLogic estimates that about 400 million people use some kind of instant messaging service today, sending between 5 billion and 6 billion instant messages a day.
Spim is showing the same growth trajectory as e-mail spam did five years ago, deSouza said. "We know the growth isn't linear, it's exponential."
One factor fueling the rise of spim is the adoption of instant messaging as a business communications tool, said Paul Judge, chief technology officer at CipherTrust Inc., an e-mail security company based in Alpharetta, Ga.
"[Only] 15 percent of businesses have rolled out an internal IM service," Judge said. "As that changes over the next couple of years ... attackers [will] follow the money, follow the people."
Much of spim is generated by online hucksters eager to find new moneymaking opportunities, but hackers and virus writers also use the programs to try to take over people's computers by relying on the instant messaging user's trusting nature, said Scott Chasin, chief technology officer at Denver, Colo.-based anti-spam firm MX Logic.
"The end user of an instant messaging service is more likely to trust a link that arrives in a spim-oriented message because it's coming from a trusted source," he said. Computer users are already wary of unsolicited messages in their e-mail due to the worsening spam problem, but spim has yet to taint instant messaging similarly, Chasin said.
Spim accounts for less than 1 percent of the 1.5 billion messages sent through AOL's Instant Messenger service daily, said America Online spokesman Nicholas Graham.
"We're not hearing from users that spim is adversely impacting their online experience with any great frequency. It's very much an exception to the norm to get an instant message spim," AOL's Graham said.
He added that AOL expects the problem to get worse "as an industry issue," but said spim currently remains "very much on the periphery."
Last October, AOL filed a lawsuit in the U.S. District Court in Alexandria against unknown instant message spammers who targeted both AOL members and people who use a free version of the software available on the Internet.
Brooke Richardson, lead product manager for MSN Communications, said users of Microsoft's MSN Messenger service send more than 2.5 billion messages daily. Microsoft does not have specific numbers on how many of those messages are spim, she said.
AOL and Microsoft both have teams working on ways to cut down on spim. The companies include features in their software to allow people to restrict who can contact them.
The Pew survey was released less than a week after the U.S. Attorney's Office in Los Angeles announced the arrest of 18-year-old Anthony Greco of Cheektowaga, N.Y., on charges of violating the federal Can-Spam law. Greco, who was arrested in Los Angeles on Feb. 16, allegedly sent 1.5 million illegal instant messages advertising pornography and mortgage refinancing deals to users of the MySpace.com instant messaging service. He faces up to 18 years in prison for three computer crime charges. Assistant U.S. Attorney Brian Hoffstadt said that he believes this is the first time anyone has been arrested for sending spim.