So says an official report prepared for an OECD-EU meeting on Monday and Tuesday. Confidence in the entire environment of Internet communications and electronic commerce is at risk.

A simple answer is not at hand, says the report which has just been declassified by the OECD.

This contrasts to an assertion by Microsoft founder Bill Gates at the Davos Forum that his company would solve the problem within two years.

Many countries are tightening up legislation, and Internet service companies and direct marketing trade associations are introducing codes of practice.

Service suppliers are strengthening defences and changing their data and pricing arrangements, and software companies are trying to develop intelligent filters.

Various bodies have begun trying to inform the Internet public of the dangers and defensive measures.

But the report stresses that legislation alone is not a solution, if indeed solution there is. Even a basic measure whereby people can register as opting out of receiving unwanted mail, an arrangement likely to be ignored by most spammers, is flawed because many users fear that the option itself might be a spam trap.

Since the Internet is global, and spammers are difficult to locate and may work from countries with lax regulations, pursuit of spammers is "extremely difficult".

But organisations are beginning to turn to civil cases for damages and this trend "may deter spammers", the report suggests.

"The major problem of spam is that it creates distrust among Internet users in the digital economy which could have an adverse impact on the development of e-commerce," the report warns.

It is estimated that 51 percent of corporations "have had a virus disaster".

Viruses in spam have "led to a greater mistrust of e-mail as a secure communication mechanism", the report says.

In 57 pages mapping the world wide web of spam scam, the report warns of:

- "Spyware" which travels with an unwanted message to feed off information in distant computers, steals credit card numbers, passwords, and spies and reports on the user's computer connections.

- Spam gangs: organised groups of spammers.

- Identity theft, a rising crime whereby spammers clothe their messages with the identities of unwitting companies or individuals, misusing accounts. "Corporate identity theft can damge a company's brand worldwide."

- Dictionary attacks which go fishing randomly for names and e-mail addresses associated with a business or organisation, eliciting or extracting any real addresses thus encountered.

- "Fraudulent or deceptive spam": most spam messages are deceptive in some way and many are a vehicle for illegal activities ranging from financial fraud to the peddling of illicit products, "bogus no-risk" investment schemes, "miracle diets", and "prostitution, illegal online gambling serrvices, drugs or weapons".

- Spam pornography messages flash indiscriminately around the web, reaching children.

- Viruses concealed in messages which can multiply through recipients' address books, paralysing computers or obstructing vital services, and thereby "endanger public safety".

- Trojan horse-type e-mails are used by virus writers to slip their viruses into computers past the safeguards of virus walls.

Spam threatens the business environment in multiple ways" and is rapidly reaching into the world of mobile telephony, for example by inciting people to call up permanently engaged charge-call numbers and other such "spoofed" connections.

By infiltration techniques such as fishing randomly with thousands of computer-generated variations of known company personal addresses, spammers locate and "harvest" e-mail addresses from the unsuspecting.

Such junk mail brings with it many hidden costs for Internet service providers, for their customers, and for business and individuals. It reduces productivity.

For example, spam attacks can "paralyse or shut down" a company's networks. Staff time and company money is consumed in killing unwanted messages and devising counter measures.

In addition, good mail may be thrown out with the bad, and good direct marketing companies are discredited by bad practice.

Spam attacks on company computers and mailing lists pose security and legal risks.

In general confidence in the company and its brand damaged, particularly if chameleon spammers have turned their bogus messages into company-branded e-mails.

Huge numbers of e-mails may be sent by one distributor at very low cost. "This explains why spam is growing at such an alarming rate."

However one small study found that more than eight percent of respondents "admitted that they have actually purchased a product promoted by spam."

One anti-spam company, Spamhaus, says that only about 180 known individuals, working in "spam gangs", are behind all spam received in Europe and the United States.

The Japanese telecom operator DoCoMo is one company which has introduced a measures to reduce spam mail, such as charging a premium to originators of waves of e-mails.

SPACE.WIRE