Spam vs. Hijacking
The most common and widespread form of spam is spam from an alien sender directly to me. Alien in the sense that they are unknown to me, and directly to me in the sense that it lands directly in my inbox (or, more often, my spam filter). It comes from an email address like DrJosephAbudai@yahoo.cn and is sent to dozens of variations of my email address. It’s carpet bombing and, like carpet bombing, is not very effective.
Increasingly, the spam that does find its way into my inbox is of two related types. The first is hijacked direct sources: people I know who have had their accounts hacked and are unknowingly sending spam. The second is indirect: social network accounts of people I know who have had their accounts hacked. Both types reveal a problem with traditional spam reporting. If I don’t know you and you send me spam, then I am inclined to click the spam reporting link. If I do know you, then I assume you’ve been hacked, but I don’t want to report you as a spammer because then you’ll potentially lose your account.
A solution would be a “report this as a hijacking” link adjacent to the “report this as spam” link on all messages. If the former were activated, the host would automatically change the passwords for the account, shut down outgoing mail, send an inbound email to alert the user of the hijacking, and require re-authentication on the next login.
With this new feature, I’d be inclined to report more of these incidents faster, and networks and mail hosts could respond more quickly.
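The two report paths described above, sketched as an added example that is not from the original post or any mail host's code: a spam report counts against the sender, while a hijacking report runs the four containment steps once and leaves the sender's standing untouched. The `Account` model, the function names and the three-strike threshold are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass, field

SPAM_STRIKES_TO_SUSPEND = 3  # assumed policy value, not from the post


@dataclass
class Account:
    """Hypothetical in-memory stand-in for a hosted mail account."""
    address: str
    password: str
    sessions: set = field(default_factory=set)
    inbox: list = field(default_factory=list)
    outbound_enabled: bool = True
    spam_strikes: int = 0
    suspended: bool = False
    hijack_hold: bool = False


def report_spam(acct: Account) -> None:
    """Traditional path: the sender is treated as the spammer."""
    acct.spam_strikes += 1
    if acct.spam_strikes >= SPAM_STRIKES_TO_SUSPEND:
        acct.suspended = True


def report_hijacking(acct: Account, reporter: str) -> list:
    """Containment path: the account owner is treated as the victim."""
    if acct.hijack_hold:
        return []  # already contained; repeat reports change nothing
    # 1. Change the password to a value nobody, including the intruder, knows.
    acct.password = secrets.token_urlsafe(32)
    # 2. Shut down outgoing mail so the spam run stops.
    acct.outbound_enabled = False
    # 3. Deliver an inbound alert to the owner's own mailbox.
    acct.inbox.append(f"Security alert: {reporter} reported this account as hijacked.")
    # 4. Drop every live session so the next login must re-authenticate.
    acct.sessions.clear()
    acct.hijack_hold = True
    return ["password_changed", "outbound_disabled", "owner_alerted", "sessions_revoked"]
```
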