Internet Security

'Zombie' Spam

The Federal Trade Commission (FTC), along with the Department of Commerce, Department of Homeland Security, and agencies from 20 foreign countries, recently launched an initiative against "zombie" spammers. (Spammers that employ malicious programs to turn other people's computers into mass e-mailing "zombies") Spam sent from zombie computers, which appears to have originated from the hijacked computer itself rather than the true sender, is believed to account for much of the spam e-mail, according to Don Blumenthal, Internet lab coordinator at the FTC. Internet service providers (ISP's) worldwide have been asked by the FTC to cooperate in the implementation of a number of specific steps to help deter spammers, including voluntarily limiting the number of e-mails that can be sent. Without specifying the quantity of emails to allow, the FTC has recommended that ISP's suspend accounts of subscribers identified as sending suspiciously large amounts of email until their computers are fixed. Another recommendation is that ISP's block SMTP port 25 except for authenticated users. "There are no hard and fast rules, it really depends on the situation", "The idea would be to have some limitations in there so that a large flow (of email traffic) couldn't just pop up out of nowhere" Blumenthal said. Acting on these recommendations, many ISP's now routinely block port 25, and filter emails for threats. However, malicious programs may still occasionally get through undetected, and can disable or prevent anti-virus programs from installing properly. Note also that outdated or improperly configured anti-virus software can leave a computer user with a false sense of security and little or no actual protection against these threats.

Q. What motivates Spammers? Why my computer?

A. Generally, Spammers are sending out millions of emails in the hope of generating income (applying a law of averages principal, were the more emails they send out, the more likely it is that someone will respond). Spammers may use personal information in identity theft.

Q. What are the symptoms? Can I repair it myself?

A. The most noticeable symptom is a severe system slow down while online. Other symptoms include large numbers of unwanted emails. Can I repair it myself? Unfortunately, not likely. Like viruses these programs tend to make numerous changes to core system files or system settings.


Most of the email scams are well known, but Spammers are continually finding ways of making their emails look like they came from a legitimate source, such as ebay™, a credit union, or a bank. The best way to avoid an email scam is to not respond to any unexpected email from anyone asking you to update your personal information. Contact the company involved using their website instead of the links in the suspect email. Zombie spam hacks often are part of a Trojan Horse program. Anti-virus programs may or may not reverse changes to the system made by such programs and infected computers may remain symptomatic and vulnerable to some extent until professionally evaluated and repaired.