The Future of Spam
by Fernando de la Cuadra - Friday, 4 May 2007.
In the 1930s, the US psychologist Abraham Maslow formulated a theory that according to which, everybody has a series of basic needs that must be covered in a certain order, so that until one has been covered, the next cannot be fulfilled.

These needs start with the most basic physiological needs, such as satisfying hunger and thirst, maintaining an adequate body temperature, etc. If one of these needs is not fulfilled, as it is a basic need, it will take priority over the rest. The next level includes security and safety needs. It reflects everybody’s need to feel safe and protected. In the Western world, they include having a decent home, living in an adequate area of a city, regular employment, etc. The third level of the Maslow pyramid includes social needs, affection, belonging, and acceptance. These needs cover friendship, love, social recognition, etc. The fourth and penultimate levels reflect esteem, recognition of the individual for the tasks carried out, such as work or study. The tip of the pyramid is self-actualization. These are the highest needs, the needs that help the individual to find a meaning in life, and include philosophical and religious experiences.

As the Romans confirmed centuries before in their motto “primum vivere deinde philosophari” (Live first, then, philosophize), this philosophy leaves the priorities of the individual very clear. But, what does this have to do with malware?

Spammers target several layers of the Maslow pyramid with a wide range of email messages. If you stop for a moment to think about the history of spam, you will be able to see what messages users have received.

One of the oldest spam messages was about mortgages. Independent real-estate agents and stockbrokers saw spam as a very good system for quickly earning commission. Backed by real investment or mortgage brokers, if clients carried out an operation and they had led the client to the corresponding website, they would earn commission by simply sending several (or several thousand) emails. This type of spam directly targets the second level of the hierarchy of needs, taking advantage of people’s need for a home.

Other types of spam attacks that have been carried out for a long time, and will continue doing so until the end of the Internet, are spam message referring to lotteries or casinos, and those that invite users to find love. These correspond to the third level in the Maslow pyramid, and are the most appropriate for computer users. People who have not been able to satisfy the basic levels, probably cannot, or even do not want to, access a computer to check their email messages.

Nowadays, there is nothing unusual about using the Internet and computers (especially for anyone reading this article), but on a global level, it is still an item available to very few, those that can afford to buy a computer, or that use a computer at work.

It is true that there are cyber-cafes, which make the Internet available to many people, but very few homeless people are going to worry about spam messages about sexual relationships. Therefore, the third level of the Maslow pyramid is the first level that computer users might need to satisfy. For this reason, the majority of spam targets these levels.

Finally, and another example of classic spam, is the fourth level, which represents esteem. And what better esteem than successful sexual relations? Email messages that promise pills for increasing your sex drive or systems for enlarging sexual organs simply influence this need. As they are repetitive and insistent, you may conclude that they must be effective, that the senders of these messages hit the target, otherwise they would have stopped sending them a long time ago.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th