Zombie Spam Machines
Is Your Computer Infected and Sending Out Spam Without You
There has been quite a bit of news about
viruses, phishing attempts and
spam, but little warning about zombies.
Not the kind of zombie on late night tv movies, but a type of computer virus
that infects your pc and causes it to send out spam emails, by the millions, for
a spammer. The spammer controls and uses your pc without you knowing it.
How do zombies work?
Spammers may be using your computer to send unsolicited — and possibly
offensive — email
offers for products and services. Spammers are using home computers to send bulk
emails by the
millions. Indeed, computer security experts estimate that as much as 30 percent
of all spam is relayed by infected computers actually located in home offices
and living rooms, but controlled from spammers from afar.
According to the Federal Trade Commission (FTC), the nation’s consumer
spammers can get into your computer in several ways, depending on what kind of
Internet connection you have. All computers connected to the Internet are
potential targets, but those with broadband (dsl, cable modem) connections are
especially attractive to spammers because they are “always on.”
Spammers scan the Internet, searching for points of entry and then install
hidden software that allows remote access to your data and programs. That, in
turn, allows the spammer to send relay their spam and send the spam messages out
from your computer.
How does your computer become infected with a zombie?
Remote access software also can be installed by a virus: A spammer sends
email with a virus in the
attachment. If you open the infected attachment, a virus is released that
installs the hidden software.The person who sent the virus now can access the
data and programs on your computer, or take over many computers and use them to
How would you now if your pc is a zombie?
It can be very difficult to tell if a spammer has installed hidden software
on your computer, but
there are some warning signs. For example,
- you may receive emails accusing you of sending spam;
- you may find email messages in your “outbox” that you didn’t send; or
- your computer is using more power than it has in the past to run the
programs you use. (typically, the computer becomes slower to respond)
If your computer has been taken over by a spammer, you could face serious
Internet Service Provider (ISP) would see the huge number of emails coming out
from your account and may prevent you from sending any email at all until the
virus is treated, and treatment could be a complicated, time-consuming process.
How do I prevent my computer becoming a zombie?
- Anti-virus software: Use anti-virus software and keep it up to
date. You can download anti-virus software from the
Web sites of software companies or buy it in retail stores. Look for
anti-virus software that recognizes current viruses, as well as older ones;
that can effectively reverse the damage; and that updates automatically. CFR
recommends McAfee, Norton (Symantec), Zone Alarm and Kapersky. And for
a free option, AGV is pretty good.
- Don't open unknown emails: Be cautious about opening any
attachment or downloading any files from emails you receive.
Don’t open an email attachment — even if it looks like it’s from a friend or
coworker — unless you
are expecting it or know what it contains. If you send an email with an
attached file, include a text
message explaining what it is.
- Use a firewall to protect your computer from hacking attacks
while it is connected to the Internet. A firewall is software or hardware
designed to block hackers from accessing your computer. A properly
configured firewall makes it tougher for hackers to locate your computer and
get into your
programs and files. A firewall is different from anti-virus protection:
Anti-virus software scans
incoming communications and files for troublesome files; a firewall helps
make you invisible on the
Internet and blocks all communications from unauthorized sources. It’s
especially important to run a firewall if you have a broadband connection.
- Software firewalls: MS Wndows (XP and Vista) has a software
firewall built-in, but you must turn it on. Because it may be shipped in
the “off” mode, check your online “Help” feature for specifics on
turning it on and setting it up properly. If your operating system
doesn’t include a firewall, you can install separate firewall software
that runs in the background while you use your computer and surf the
Internet. Several free firewall software programs are available on the
Internet. (You can find one by typing “free firewall” into your favorite
- Hardware firewalls are considered to be stronger. Most
routers (like Dlink, Linksys, Netgear) have hardware firewalls built-in.
A hardware firewall is an external device that includes firewall
software. Like anti-virus software, a firewall needs to be updated
regularly to stay effective.
- Check your “sent items” file or “outgoing” mailbox to see if
there are messages that you did not intend to send. Many spammers have
learned to delete or hide their unauthorized access, so even if there are no
illegitimate messages in your outbox, you can’t be sure that your computer
hasn’t been used to send spam.
What do I do if my pc is a zombie?
If your computer is infected, take action immediately. If your computer has
been hacked or
infected by a virus, you should:
- Disconnect from the Internet right away. (Unplug the cable
connecting you to the DSL router, cable modem - the box typically made by
Dlink, LinkSys, Netgear or Airlink) Usually, the cable is blue or yellow.
- Next scan your entire computer with fully updated anti-virus
- Report any unauthorized accesses that the anti-virus software
finds to your ISP. Also, if you suspect that any of your passwords have been
compromised, call that site’s company immediately and change your password.
How can I learn more about Zombies?
Learn more about securing your computer at from the
FTC's security page. The FTC works
for the consumer to prevent fraudulent, deceptive, and unfair business practices
in the marketplace and to provide information to help consumers spot, stop, and
To file a complaint see this page
or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC
enters Internet, telemarketing, identity theft, and other fraud-related
complaints into Consumer Sentinel, a secure, online database available to
hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
For More Information About Spyware and Adware, See:
- Current list of known
spyware and adware
Electronic Privacy Information Center
Report A Crime
How Spyware Works, Ross Greenberg, Security Pipeline, February 28, 2005
Spyware And Your PC: Keeping It Out, Getting Rid Of It, Ross Greenberg,
Security Pipeline, January 24, 2005
Browser Hijacking, Mike Healan, SpywareInfo, last update was January 12,
- What's The Difference
Between Spyware And Viruses? Dave Piscitello, Security Pipeline, January