Printer Friendly

Email Database Security Audit Reveals Widespread Risk to Online Corporations: 93% Vulnerable to Hackers, FTC Fines.

TUCSON, Ariz., July 8 /PRNewswire/ -- Online corporations are widely vulnerable to the potential of having their in-house email databases destroyed by simple hacker scripts, says a new study.

Authored by permission email marketing developer Mike Adams, president of Arial Software, the study covertly audited the email subscription process handling of 1,057 prominent online organizations (including many Fortune 500 firms) and found that 93% are vulnerable to hacker attacks that would pollute or destroy the integrity of their in-house email databases.

The study, titled "2004 B2C CAN-SPAM Compliance Audit" cites security risk concerns stemming from the failure of online organizations to engage in a practice called "double-confirm email processing," meaning that when end users subscribe to an email newsletter, they are sent a confirmation email containing a unique hyperlink that must be clicked to confirm their subscription. Only 7% of online organizations use double-confirm processing, according to the study.

The other 93% are vulnerable to hacker attacks that can pollute or destroy the integrity of their in-house permission email databases. Because they don't confirm email subscriptions, a hacker could easily write a script that generates and posts the entire dictionary of names and email domains to the databases of these organizations. The next time one of these targeted organizations sends out an email newsletter, they will effectively be spamming hundreds of thousands of end users with unsolicited email. In response to such widespread spamming, the Federal Trade Commission (FTC) could justifiably fine these companies hundreds of thousands of dollars for violating the federal CAN-SPAM Act.

Even some of the largest Fortune 500 firms remain vulnerable. Study author Mike Adams subscribed to Coca-Cola's email alert list, with no questions asked. "A malicious script could theoretically fill Coca- Cola's database with ten million spam emails purchased off a $99 spam CD," explains Adams. "For sending an email message to this list, Coca-Cola's liability could amount to millions of dollars in fines." Even more alarming, when the bounty hunter provisions of the CAN-SPAM Act are put into place, every end user who receives an unsolicited email from such circumstances could demand a cash settlement, creating a legal and financial nightmare for firms caught in the act.

Yet tools are readily available that automate and simplify the double confirm subscription process. Zeop ( offers a tool that works on any website and costs nothing. Other tools are detailed in the report.

The complete "2004 B2C CAN-SPAM Compliance Audit" is available for viewing or downloading at

About Arial Software

Founded in 1993, Arial Software is widely considered the leading industry pioneer in permission email marketing software. The company's products are used by thousands of businesses, non-profits, associations and other groups to compose and send email newsletters and personalized messages directly to subscribers, customers, prospects and members.

CONTACT: Steve Delgado, Media Relations of Arial Software, +1-520-615-1954, ext. 15,

Web site:

Web site:
COPYRIGHT 2004 PR Newswire Association LLC
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2004 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:PR Newswire
Date:Jul 8, 2004
Previous Article:New Software for the PC Makes Personalized Email Marketing Newsletters and Campaigns Easy, Affordable: Arial Software.
Next Article:Aspen Education Group Acquires New Leaf Academy in Oregon; Addition of First 'Middle School' Expands Aspen's Ability to Serve Needs of...

Related Articles
Cyber Cops and Robbers to Do Battle.
Succeed(R) Corporation, ScanAlert(TM) Partner to Bring HACKER SAFE Certification to Online Retailers; Independent Website Security Certification,...
Personal data liability.
Viruses on rise, but are companies liable?
Two-Thirds of Online Organizations Violate CAN-SPAM Act, Says Email Marketing Practices Study.
ScanAlert(TM) Partners with C I Host to Provide Hacker Safe Certification of eCommerce Sites; Independent Web Site Security Certification Available...

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters