you get junk mail with snail mail, you get junk mail in Email.

Like catalogs and mail order you get in snail mail there will always be a market for that as there will always be people who want to buy stuff from those catalogs and mail orders.

But what started out as advertising junk, turned into an attack vector for criminals.

Since email is global, a criminal in "Russia" or "China" can conceivably steal information from someone living in Hawaii.

Before email and computers, criminals basically had to visit the residence and break in. Now they can do it from anywhere in the world.

That's where spam as an attack vector becomes a serious problem. Especially when the spammers can spook addresses and as the report shows, the majority of people look at the sender.

I do find it interesting that consumers believe it's an ISP/ESP responsibility for taking care of malicious emails. I think that came about because email providers like AOL/Hotmail/Yahoo mail & GMail all advertised that they have spam guards as a marketing inducement for users to use their service, thus the user now believes it's the providers responsibility. To me, that's like the snail mail postal service throwing away junk mail for you so that doesn't get to your snail mail mail box. The postal service isnt' ever going to do that.

Is there a solution? Probably the only solution is regulatory. Regulatory email in that one simply can't install an email server and begin to send out malicious email. Cloud Computing might be an answer in that the entire world wide web service is provided by 2 or 3 companies. Ma Bell is an example where the telephone systems are regulated and the ability of telemarketers are highly regulated almost to the point of unprofitability.

Until there is some regulattions on domain names, where you can't spoof/spook email addresses, spam as an attack vector for criminals will continue to be a serious problem for the individual.

That is unless everyone goes back to the old days of visiting the bank and using paper statements.

If consumers removed financial information from their computers or put them on computers not connected to the internet, thus removing the inducement to steal, malicous email and other attack vectors will continue to be a serious threat.