The Rise Of "Spim"The Rise Of "Spim"

Claudia Siegel is annoyed. As a member of the global systems team at human-resource consulting firm DBM, part of business-information provider Thompson Corp., she uses Lotus Sametime instant messaging over a VPN to do her work. When operating outside the safety of her VPN, she, like her colleagues, occasionally receives unsolicited commercial instant messages.

"They're usually messages to get them to stop what they're doing--'Buy our software and you won't get this any longer,'" she explains. "It's a minor annoyance to me, but it's troubling because I don't know what capabilities this person has on my system or on our network."

Marketers have never seen a medium they didn't want to exploit. So it is that spam has come to instant messaging--yielding IM spam, or spim. It's been around a few years, but only in the past few months has it reached the threshold of disruption.

Officials at America Online, which runs the popular Instant Messenger service, and Microsoft, which runs MSN Messenger, say they've seen an increase in the amount of IM spam. Messaging and collaboration research firm Ferris Research estimates that the quantity of such solicitations doubled from 2002 to 2003, reaching 500 million last year. That's fast growth, though it's nothing compared with the 800 billion pieces of E-mail spam caught by just one anti-spam provider, Brightmail Inc., in 2003. Ferris Research president David Ferris dismisses the phenomenon. "Let's say there are 200 million IM users at the moment. So 500 million is just one every three or four months. It's just trivial."

AOL and MSN officials contend that one of the reasons instant-message spam is growing is that E-mail-filtering and anti-spam software is making conventional spam less effective, so peddlers of Paris Hilton videos and "organic Viagra" have to branch out to new media. "It's pretty bad for those who are getting it because it's so in-your-face," says Christopher Saunders, managing editor for InstantMessagingPlanet.com, a Web site that covers IM news.

Corporate IM environments such as IBM's Lotus generally offer authentication and security features that keep spim at bay. And even on public networks, because instant-messaging networks operate under tighter control than E-mail, users are better able keep themselves from being bothered. Public IM networks provide some tools to deal with the problem, such as MSN Messenger's policy not to allow messages from people who aren't on a user's buddy list. AOL 9.0 includes a feature called IMCatcher, which quarantines instant messages from unknown senders.

Certain habits put IM users at greater risk, such as posting their IM handle on the Web or in public directories. Stowe Boyd, managing director of collaborative technologies consulting firm A Working Model, points to the dangers of public chat rooms. People or even automated software programs are sometimes there just to get access to IM networks. "A lot of people have [thought] that they were talking to a person about a date or buying a car, and the next thing they know, a whole lot of URLs are being pushed toward them, which when clicked lead to a porno site or gambling site or something like that," he says.

Boyd also doubts that spim will ever wreak the havoc of spam. One reason is the fragmented nature of the IM networks--an AOL IM user can't talk with an MSN Messenger or Yahoo IM user. That's been a criticism of IM, but it's likely to inhibit the growth of spim. "Because the major instant-messaging networks have not worked toward any kind of public interoperability structure," he says, "it's extremely difficult to create a uniform mechanism to spim on all the networks."

But it's not impossible. Those running the IM networks are discussing greater interoperability. That could be just the incentive spimmers need.