How Should You Deal With False Positives?

By now, you should have heard about the problems LinkedIn has had regarding user accounts being compromised, and the subsequent spam campaigns that followed this breach.

In a fashion typical to modern society, people are starting to overreact. Emails coming from LinkedIn detailing how a user can change his or her password are being sent directly to the user’s spam folder.

And in case you are wondering, this was no run of the mill corporate email blast. LinkedIn took care to insure that their emails didn’t look like spam. They addressed each recipient by name, they made sure that the messages were DomainKeys Identified Mail (DKIM) signed and the message did not contain any links.

“Over 4% of the people receiving this email thought it was spam and sent it straight to the bit bucket. If LinkedIn sends out 6.5 million emails, then a quarter of a million people are congratulating themselves on avoiding spam — and still have a compromised LinkedIn password,” stated Alan Conway of Cloudmark Research.

So tens of thousands of people are running around while someone has free reign of their social network account that is supposed to reflect their professional life, not good.

But false positives happen all the time. In fact a story written by Sharon Gaudin for E Security Planet back in 2003 addressed the serious ramifications businesses face that are a direct result of the false positive problem.

Money being lost, customers being lost and opportunities being missed were the problems brought up in this article, but the truth is they are the same problems many businesses still face when it comes to blocking legitimate emails that are mistaken as spam.

Gaudin’s article referenced a study by Ferris Research citing that false positives cost US Businesses around 3.5 billion dollars in 2003.

In 2011, Osterman research made the claim that US businesses lost approximately 10 billion dollars due to this problem, if you look at the problem worldwide the cost rises to 40 billion dollars a year.

Since it is extremely rare to see a small or medium sized company is losing millions a year to false positives lets break the number down to just how much a typical business stands to lose. Osterman Research estimated that the typical organization lost approximately 230 dollars every year for each email user because of false positives.

That one account you were trying to close but missed out because you didn’t get back to the customer in time. The fee you had to pay because your company was late. Even those clients that just slipped through your fingers because they didn’t feel you responded to your emails quick enough. All of them could be attributed to false positives if the emails sent to you were inadvertently identified as spam.

But those are direct costs. How about all the time your staff spends searching for emails they know they should have received but somehow never arrived, only to find out later that they are sitting in the junk mail folder.

So for even a small sized operation with 15 employees you’re looking at an average bill of 3,450 dollars spent every year dealing with false positives. It may not seem like that much to some, but next time you have to forego a purchase or a raise for a star employee because you’re a bit short remember how much is being flushed down the drain with this one issue.

The sad part is, much of this can be solved with a reputable anti-spam solution that understands how to deal with false positives. And the 3,500 bucks could certainly go towards knocking down the price tag on that piece of equipment.

As the volume of email spam, phishing and email borne malware continues to increase, organizations are going to be forced to deal with these threats head on. This means that the amount of false positives, and the money spent dealing with them, is likely to increase as well.  The same Osterman study also stated the fact that with today’s technology, the number of false positives can be reduced to 1 in 400,000 emails received.

The question remains however, is your organization ready to put the tools and policies in place to see those types of results?

Written by Jeff


  1. Adrian Bassau · June 28, 2012

    False positives are a hard issue to sell because most times it’s a product of an overambitious filter or an overzealous user trying to protect themselves from spam, and isn’t that what we want? The sad thing is that for me, the time I took to beef up my spam filter to save me the time of looking through spam is now being spent regularly checking my spam folder to make sure there’s no false positives. The whole situation created a net gain of maybe 10 minutes per week instead of the hours I was hoping for.

  2. Cathy Tess · June 29, 2012

    For me the worst with false positives is that they seriously disrupt communication. Boy, do I know how many long-waited for messages I’ve dug from my Spam folder over the years? It’s like sentencing somebody/something innocent based on the guilty by association principle. But unfortunately this can’t be avoided – if we have no spam filters, then the problem gets much more serious.

  3. Germain Alberto · July 1, 2012

    I have experienced that myself. I get emails from valid sources and it goes straight into my SPAM and it gets ignored until someone points it out to me.

    Customer communication should be a multi-media approach. You don’t just email clients, you call them if a certain email is not being responded after a certain period. That’s one way of verifying if the client was able to read the email, understand it and respond to it.

    That’s why call center are necessary especially if you are a big company, not just to make sales calls or take customer service inquiries but also to proactively communication with your clients regarding certain issue communicated via email.

  4. Kim Thesdale · July 25, 2012

    It’s always an issue of balance. And balance, is tricky, it is a moment by moment thing. YOu achieve it one minute, another minute, you don’t.

    I understand the overzealousness. After all, so many have been burned, inconvenienced and lost money due to spam and phishing attacks. But, as I said, it should also be tempered.

    But for those users who must face the brunt of overzealousness of those fighting against spam, the best thing to do is to regularly check your spam folder for any legitimate emails that might have inaccurately tagged as such and click on that button that says Not Spam. This is send an advice to mail clients that they’ve wrongly tagged an email as such.

Leave A Reply