Spam may not be the headline-grabbing topic it once was, but as our research friends in the GFI Labs continue to point out, spam and phishing attacks are still a preferred tactic of cybercriminals.

To get a better sense of how businesses are coping with spam, we conducted a survey this month of 200 US and 200 UK IT decision makers at businesses with between five and 1,000 employees. While we assumed businesses continue to struggle with spam, we were surprised to learn how many businesses are not taking advantage of the latest technology available to them to combat these threats and better defend their networks.

An overwhelming majority of survey respondents—72% in the US and 75% in the UK—state they receive too much spam. Not a terribly surprising stat, but when asked about the volume of spam they were dealing with over the last year, more than 80% of respondents in both regions reported no decrease in the amount of spam plaguing their networks. In fact, 53% of US respondents and 61% of UK respondents report that spam volumes actually increased during the last year. Only about 15% of respondents saw a decrease in spam.

Seeing those numbers, it’s no surprise that 70% of respondents rate their anti-spam solution as either marginally effective or not effective at all. So what solutions are these businesses using to defend their networks? Here’s a breakdown:


Anti-Spam Solution



Rely on anti-spam capabilities of an antivirus suite



Rely on an anti-spam software solution



Rely on a cloud-based solution



Rely on an anti-spam gateway appliance



Do not use an anti-spam solution




There are some interesting findings revealed here.

First, while the heavy reliance on the anti-spam capabilities of an antivirus security suite is nearly identical in both regions, it is not among the smallest businesses where that is most prevalent. The highest percentage of businesses (about 65%) in the US and UK saying they rely on their antivirus suite for spam protection was among businesses with 50 – 99 employees. It was not among businesses with fewer than 50 employees, where one would expect less robust IT security awareness and expertise.

Second, it appears that US businesses have been quicker than their UK counterparts to adopt cloud-based solutions to battle spam and phishing attacks before they reach their network. More than 14% of US businesses are already using a cloud-based solution to combat spam compared to only 8% of businesses in the UK.

GFI Software is a strong proponent of a multi-layered approach to mail security. A comprehensive anti-spam solution incorporates a combination of defenses located on premise and in the cloud, which GFI Software provides through GFI MailEssentials™.

Businesses Know The Dangers of Spam

When asked about their top concerns about spam, security clearly topped the list. In the US, 29% of respondents say their top concern was malicious links and files often harbored in spam, while 22% cite how spam leaves their company and employees vulnerable to phishing attacks. In the UK, 23% and 22% of respondents cite malicious links and files, and potential phishing attacks, respectively, as their top concerns. Additionally, 20% of UK IT decision makers say spam’s impact on the responsiveness of their mail servers was their top concern.

Finally, nearly 90% of all respondents in both regions say they regularly educate employees about the risks of opening spam that arrives in their inbox. But are they doing enough? 40% of businesses in the UK and 44% of businesses in the US say their networks have been compromised as a result of employees opening malicious links or by responding to information requests contained within spam. Until businesses take full advantage of the latest technologies available to them to better block spam, they’re going to have to rely heavily on a well-educated employee base. We can probably all agree that is not enough.

How do you combat spam? Do any of these findings surprise you?

Here’s our infographic visualizing the survey’s US data:

Spam Survey Infographic 2012 - US

View the UK version of the infographic

Survey Methodology

The independent blind survey of 200 US and 200 UK IT decision makers organizations with between five and 1,000 employees was conducted by Opinion Matters on behalf of GFI Software. Download the full survey results.

Like our surveys and infographics? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!


Get your free 30-day GFI LanGuard trial

Get immediate results. Identify where you’re vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.