A study has found that only 1 in 12,500,000 pharmacy spam emails on the Storm botnet actually leads to a purchase.
According to Wikipedia, over 100 billion spam emails are sent every day, of which approximately 13% are health related. This means that about only about 1,000 purchases are made as a result of these messages every day, translating into less than half a million purchases every year. Is this really enough to make the whole thing worthwhile?
The average purchase price was 100 USD. If that’s a good index, and if the Storm botnet is representative, global pharma spam income is £365m. According to Spamhaus, 80% of spam is generated by 114 major spamming organizations. If response rates and income from purchases are distributed roughly evenly, each org is raking in a cool £2.56m a year.
/geek
Got my dollar and pound signs confused. Otherwise, yup.
Thanks for that, Alex. I wouldn’t complain about $2.6 million a year myself, but that’s still lower than I would have expected. Maybe I’m just trying to balance it against the amount of annoyance that spam causes…
Ah, I missed this in the full report [PDF]:
So our figure wasn’t bad for an order-of-magnitude calculation. Once you subtract the costs of spamming from this, this probably leaves very slim profit margins.
Aha – hooray for actual numbers, rather than our made-up ones. Not sure about the costs of spamming. I suppose with a botnet you’re outsourcing a lot of the costs (equipment, power, bandwidth, etc.), which takes the marginal cost per spam email from very very low to even lower than that. Of course, there’s still the cost of running from the law and holing up in some random country with inattentive ISPs.