Business-like, isn't he?



Business in Vancouver logo

    Spewers of spam harnessing new tools

    by  Alan Zisman (c) 2006 First published in Business in Vancouver November 14-20, 2006; issue 890

    High Tech Office column

    Been seeing any more spam lately? Last year, I noted that for many of us, spam had more or less vanished – at least from our in-boxes.

    There was still lots of spam being sent, but increasingly effective filtering, both built into users’ e-mail software and at the network and ISP levels was keeping the bulk of it from reaching many users.

    Lately, though, I’m seeing spam in my in-box again.

    I’m not alone.

    Security software firm Sunbelt Software estimates that it’s filtering three times as much spam as six months ago. With such a big increase in the number of junk mail messages, it’s perhaps not a surprise that more of it is leaking through the various levels of filters. Moreover, recent spam, primarily for pharmaceutical products or touting stocks, combine random text with images. This makes it harder to filter.

    Along with a change in the amount and content of spam, there’s been a change in where the unwanted messages are coming from.

    In the past, spam was sent from a relatively small number of servers. It was possible to blacklist those servers, eliminating them as a source of messages. Increasingly today, however, spam messages are coming from ever-changing networks of infected home and business Windows PCs, referred to as botnets.

    David Hart, administrator of spam black-lister Total Quality Management has noted that his company has seen the number of Internet addresses sending spam triple since June.

    Security company McAfee’s Avert Labs estimates that over 70 per cent of the current crop of spam is coming from botnets.

    These networks of infected computers don’t just send spam. They’re rented out to install adware on infected systems, to combine for denial-of-service attacks on online companies, to distribute phishing e-mails and to fraudulently click online ads to boost payments.

    Last May, anti-spam company Blue Security was forced out of business after a concerted series of attacks blocked its ability to operate online.

    Microsoft began including its Malicious Software Removal Tool in its Windows Updates downloads in January 2005. Since then, MSRT has removed one or more infections from more than 5.7 million Windows systems, with bot-related Trojans accounting for 62 per cent of these infections. Trend Micro estimates that at least five per cent of all the computers connected to the Internet have been used in botnets. What’s to be done?

    Security companies are starting to respond with products such as Trend Micro’s InterCloud Security Service and McAfee’s IntruShield, both aimed at ISPs and university and corporate networks.

    Individual users should take the usual security steps:

    • keep on top of Windows patches
    • use a firewall, preferably one that monitors outgoing Internet connections (unlike the built-in Windows XP firewall) and
    • try to actually read those firewall messages; don’t just click OK to everything.

    Up-to-date antivirus and anti-spyware software is vital. McAfee’s free SiteAdvisor is a useful add-on for Internet Explorer and Firefox that warns of potentially dangerous websites (

    Or, seeing how those millions of hijacked computers are all running Windows, maybe it’s time to seriously consider an alternative. Really.

Search WWW Search

Alan Zisman is a Vancouver educator, writer, and computer specialist. He can be reached at E-mail Alan