[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Tuesday, 3 August, 2004, 12:29 GMT 13:29 UK
Home PCs hijacked to spread spam
By Mark Ward
BBC News Online technology correspondent

There is a good chance that your home computer has been hijacked by spammers if you have a broadband net link, but are not using a firewall or anti-virus software to protect your PC.

PC in use at home, BBC
Careful where you click, that e-mail could be loaded
Even if you use anti-virus software but do not keep it up to date, there is every possibility that you are helping to keep spam alive and spreading.

You could also be helping if you are one of those people that open up attachments on e-mail messages that turn out to contain viruses, rather than the pictures you were promised in a subject line.

Spammers are actively seeking out and hijacking home PCs to act as remotely controlled relays, or zombies, that pass on their unwanted messages.

Viruses such as MSBlaster, Agobot, MyDoom and Sobig were all written with the aim of converting home PCs to the spammers cause.

And they have succeeded in huge numbers.

So much so that law enforcement agencies report that zombie nets can now be hired by the hour to pass on spam or other unwanted messages.

Huge army

Technology firm Sandvine estimates that 1% of all the active hosts on the net could be compromised.

Most people see themselves as victims of spam rather than potentially participants in its distribution.
Tom Donnelly, Sandvine
That means potentially millions of computers waiting to act on the instructions of their spam-sending masters.

"85% of e-mail leaving broadband residential networks is likely to be spam," said Tom Donnelly, founder of Sandvine.

It reached this estimate by analysing traffic from customers for the tell-take signs of spam sent by infected machines.

It is easy to check the scale of infection on many broadband networks thanks to sites such as SenderBase.

This site shows the number of messages flowing through particular net addresses.

STAYING SAFE ONLINE
Install anti-virus software
Keep your anti-virus software up to date
Install a personal firewall
Use Windows updates to patch security holes
Do not open e-mail messages that look suspicious
Do not click on e-mail attachments you were not expecting
Type in the name of almost any broadband net service firm and you will find that many of the PCs used by subscribers are sending out as many, and sometimes more, messages as that company's designated e-mail servers.

Given that many broadband net firms have millions of customers that adds up to a lot of spam.

Net firms are keen to stamp out the problem because of the bandwidth costs they incur passing on huge amounts of traffic and because net addresses used for spam are typically blocked by everyone else in the internet world.

SenderBase measures e-mail output by magnitude, just like earthquakes, and a search for the names of British high-speed net firms shows that many addresses are spewing out as many as a million messages per day.

Network trouble

"It's a big problem," said Mike Galvin, head of internet operations at BT. "Spammers do this because if they used their own machine they would be banned from the net."

BT contacts customers directly when it discovers that a PC has been compromised and offers advice about how to clean up their computer and stop it happening again.

Computer network connections, Eyewire
Home broadband PCs are targeted by spammers
"A lot of people genuinely do not know it could happen to them," said Mr Galvin.

A spokeswoman for NTL said that it had seen an increase in attempts to create zombie computers over the last few months.

It said it regularly contacts customers to help them sort out their PC and stop it being used by the spammers.

A spokeswoman for Telewest said that currently it was tackling about 8-10 cases per week of compromised computers.

"We're cracking down quite heavily on open relays and have been for a few months now," she said.

It too talks subscribers through cleaning up a PC, installing anti-virus software and setting up a firewall.

"We have gone through early adopters. Now we're getting into the people who maybe do not completely understand that there are a few security implications when using broadband," she said.

Sandvine's Mr Donnelly agreed saying that late adopters of broadband do not see what they are getting as a technology. Instead, he said, they see it as a utility that they simply plug in and use.

Unfortunately without care they could find themselves helping the spammers, he said.

"Most people see themselves as victims of spam," said Mr Donnelly, "rather than potentially participants in its distribution."

Here is a selection of your comments on and experiences of spam.

I am fed up of spyware, spam etc, they hijack my homepage browser etc, but nothing beats the time once, my browser had been hijacked with a three inch advertisement at the bottom of the page.
Gareth Brown, England

This problem exists because internet service providers have done nothing to prevent the proliferation of zombie computers. As a minimum, they should provide cable modems with a built-in hardware firewall, scan and block virus e-mails, secure their networks, and do more to educate their client base. If the "experts" can't figure this out, what chance has the average pc owner.
Dr Yoshada, USA

You can't blame the user. I've met people who didn't know that these things could happen. Where are the TV programmes? We know how to decorate our houses and sort out our gardens from the huge amount of TV programmes about it. Nobody is producing mainstream TV to inform the public about these computer problems and how to fix them. Come on BBC if that is not public service broadcasting then what is? How about a DIY SOS for computers?
Neil Carroll, England

The only "safe" computer is one locked away; no-one can use it and it doesn't have access to any network. That leaves us with having to manage our own risks. Install an AV package that checks for updates at least once daily, install a firewall (preferably a dedicated firewall) and anti-spyware packages, but remember to use/update them regularly. But most importantly, be aware of the dangers of irresponsible surfing. A basic firewall won't help you if your browsing habits mean you download software that attacks your PC or network from the inside !
baconbuttie, UK

I agree with Bruno, every car user is required by law to ensure that their vehicle is roadworthy before driving on the roads, and computer users should adopt a similar approach. One good thing about virus proliferation is that as each user experiences a disruptive virus they usually look to install proper protection fairly quickly afterwards
John Steer, UK

All these issues with email spoofing could be easily prevented, if the first node to receive outbound email were to query back to the stated sending email address to confirm that it did indeed originate the message. At least we could then be sure that the stated originator of an email is actually the author! Spammers could then be brought to account, as they could no longer hide behind using other people's addresses.
Richard Peers, UK

This is odd I have only just got broadband and was using dial-up before but I had my home page changes to a dodgy search engine and I kept getting popups saying I had Spyware installed on my pc. I downloaded and paid for Adware and this would not remove the problem. I had to re-image my pc completely, which took time but now the problem is sorted. I now use Zone Alarm and Grisoft with my broadband connection and so far there haven't been any repeat problems.
Paul, England

In fact, it need not be cheap, you can download a basic version of ZoneAlarm for free. There is no excuse for not protecting yourself, and there is no excuse for PC manufacturers failing to include a basic firewall on all new pcs. Would they sell you a car with no brakes?
Simon, Uk

When Blueyonder set up my Broadband service, they actually downloaded a free firewall for me, a very good service. I would have thought that all ISP's should at least recommend this, if not set it up for you if you do not have one already - especially if you are paying for them to make a visit to your house to set up the Broadband service.
Jon, England

I installed a new broadband connection two days ago. I immediately downloaded ZoneAlarm, ad-aware and avg antivirus. According to ZoneAlarm, in the last 48 hours, I've had 1200 illegal access attempts. Sadly, even downloading the patches can be a hassle. I tried to download SP4 for win 2000 and it wrecked the computer, so now I'm having to rely on third party software for protection instead!
Edward Bozzard, Uk

It doesn't make sense for the millions of home users to have to defend against attacks that are coming to them through their ISP. The ISPs have far greater resources available to them and should have the responsibility to prevent these attacks from getting through.
Paul Davies, UK

A virus used the domain name found in my e-mail address in Outlook to send thousands of spam e-mails. Since I own my own domain, I received hundreds of failed e-mails back per day, and AOL now prevent me from e-mailing anyone on their system. which just happens to include the rest of my family.
James, UK

I have been compromised a couple of times and learned very quickly that you need several programs to completely stop spam or your PC being taken over in some way. I found that the best way is to load Bazooka, Spybot & Adaware (all free), and run them every week. As well as that I also run AVG anti-virus and get it to update twice a week. Then I run Malware which checks for all processes running on your PC so you can see what's happening.
Peter, England

I use two firewalls and two anti-virus software programs as well as my ISP's automatic check on its anti-virus e-mail. Thus I have had relatively free virus conditions, but I also check the whole machine each week, which takes about an hour unattended operation.
Eion MacDonald, UK

We should take this matter very seriously indeed and think of it like safe sex - always use protection
T, UK
Unfortunately some of the blame must be placed on the end user who has allowed their machine to become infected. I spend many hours each week controlling the spam which is received by my organisation, the vast majority of which is received from 'hijacked' or 'zombied' PCs. Users should ensure that they are adequately protected before going online - and ISPs should take an active role in verifying this. We should take this matter very seriously indeed and think of it like safe sex - always use protection. As my mother told me in no uncertain terms when I was a lad - "Don't go paddling without your wellies". It is just as valid in this context.
T, UK

Despite repeated attacks from spam, which I presume contains attempts to subvert my computer, these have been defended against by using an operating system is totally different from that used by the vast majority of PCs. Although this is a minority position, using RISC OS means that I do not have to worry about malware distributed by e-mail or to keep updating software designed to stop Windows from performing its built-in functionality.
Dave Barnett, England

The internet is a mess and needs to be replaced by a well managed network that does not tolerate abuse
Tina McPhail, UK
I bought a new computer, connected it to the internet so that I could download the latest of many security patches from Microsoft. In the 15 or so minutes that this process took my machine was compromised! My question is why should broadband users have to become computer experts? The ISPs could take steps to ensure that even if a machine is compromised it is useless for sending spam. (It is called port 25 blocking, I believe). There are many sites that list spammers (I like Spamhaus.org). The internet is a mess and needs to be replaced by a well managed network that does not tolerate abuse.
Tina McPhail, UK

Computer retailers should sell CDs with current updates with the new PCs they sell. The new user can then update the PC before going online and thus reducing the risk of infection. I update the new PCs I install that way and have only had one failure in about 150 machines. If I can create an update CD for my use, then why can't the retailer?
Howell J Clark, UK

I use a firewall, anti-virus software and Mailwasher, and therefore only download the e-mails I want to view. So far it has worked well.
Malcolm Ruscoe, UK

I was plagued with pornographic pop-ups and had pornographic websites inserted into my favourites file which when removed reappeared the following day!
L Millington, England
Whilst quite innocently searching on the web for a number of female actresses' websites, I was continually bombarded with pop-ups. Eventually my computer froze but the hard drive carried on accessing. When this had finished my home page was a junk advert that I could not remove, also whenever I tried to use a search engine a fake search engine appeared instead. I was plagued with pornographic pop-ups and had pornographic websites inserted into my favourites file which when removed reappeared the following day! All extremely annoying.
L Millington, England

Over a year ago, we had an adult sex line log on to my PC and dialled my PC onto it. I had no knowledge that this had happened until my NTL phone bill turned up. I am now on broadband so this cannot happen again. NTL have accepted no responsibility for this and I had to pay the 160 call charges. I am still fighting to claim back these charges.
Carol Fletcher, UK

Tina's comment is interesting one in many ways. Every single broadband user should consider buying a cheap residential firewall. It cost next to nothing and helps prevent most attacks by Trojans and worm-type viruses. Why her broadband service provider didn't make this clear to her is another mater. Still, I think it's the end users fault mostly. The internet is not like a TV subscription, it's more like a driver's licence. You cannot blame everyone else for your own bad driving.
Bruno, Slovenia

Let's face it, it's new computer users who are the problem
Tony, UK
The reliance on anti-virus software is exaggerated. If you patch your PC, don't download unknown ".exe" files, don't say yes to things that can be installed from web pages, and don't open suspect e-mail attachments you should be fine. Mostly common sense is needed. Let's face it, it's new computer users who are the problem. So PC retailers and ISPs need to join together to better inform people. Their PC needs to come already patched, and they need a guide to tell them what to do and what not to do.
Tony, UK

Like Dave Barnett I use a different operating system from the vast majority of PCs using MS Windows. I use Linux, a desktop operating system gaining popularity, which is immune to these viruses, malware, spyware etc, so I don't need to worry. However I do run a NAT firewall on the router, as well as SuSe Firewall2 in my OS. I changed about eight years ago and have never looked back.
Geoff Fitton,

It's not only broadband users that can be affected. I was asked to visit a friend last weekend to 'take a look at their PC' as it was running slowly. I eventually tracked down more than 14,000 infected files as well as numerous diallers and an apparent peer-to-peer file-sharing export setup to dish out numerous virus infected files whenever the PC was online. Did they have anti-virus software? Yes, I installed it last August. Was it up to date? The last update was installed in August last year - when I originally installed it. I told them (once again) to update at least once a week, showed them how to do it as well! Will they do it? Probably not. A marvellous waste of a Sunday!
Don, UK

You take lessons to learn to drive a car so why not a complicated computer?
Derek, UK
Tina raised the valid point, "My question is why should broadband users have to become computer experts?" Sadly for your own good and every other internet user. This head-in-the-sand selfish attitude is the cause of the problem resulting in clueless users with compromised machines spewing out junk to compromise more windows machines. Running Linux just makes for irritation rather than worry. When I worked on a technical helpdesk I found many take the lazy attitude "I just want it to work perfectly out of the box without any effort on my part". You take lessons to learn to drive a car so why not a complicated computer? I would introduce a driving test for the internet and rigorously enforce it making it less cluttered for those of us who took the time & trouble to learn.
Derek, UK

ISPs should be blocking all non-standard and non-essential ports by default and only opening them on request by the customer. This would leave the less technologically minded people 'secure-by-default' instead of the current system where their computers are completely open to the rest of the web.
Rob Miles, UK

I installed Red Hat 8 (a version of Linux) on my PC instead of Windows. Since doing that I've been virus free for months.
Simon Richardson, London, UK

It's amazing how people with absolutely no knowledge pass an opinion. To compare a car with a PC is the epitome of ignorance. My personal experience in dealing with network traffic, systems data security and TCP/IP controls is quite extensive and it's unambiguously clear that this can not be controlled by the average home user. Even with sophisticated software, it's a job for professionals. This needs to be targeted centrally, both by operating systems designers and ISP traffic controllers.
A Smith, London, UK

I find it a terrible shame that these sad individuals are spoiling the web, one of the finest inventions ever, with their useless and destructive activities
Rick, UK
Spam should be renamed scum. I don't seem to have been hijacked, but I do know that several people I communicate with regularly have been. I was baffled why a buddy of mine was sending me junk e-mails about growing my manhood! I find it a terrible shame that these sad individuals are spoiling the web, one of the finest inventions ever, with their useless and destructive activities.
Rick, UK

I think that all new broadband accounts should include a router as standard. The router would act as a basic firewall and would protect users from the multitude of worms out there on the Internet. Using broadband without a router or hardware/software firewall is just far too risky. There would be a further advantage in that the router could come pre-configured, making the initial setup even easier. I do acknowledge that this would require a network card in the PC used to connect to the Internet, but most new PC's and all new Mac's come with one built in.
Tom Sadler, UK

Our firewall monitor shows nearly 1,000 illegal port scans a day from people trying to get into our computers. However our network of three Macs is hidden from the outside world by the simple expedient of buying an ethernet router. These are available from any computer store and are configurable through a web interface. They sit between your cable modem or phone line and your computers and allow more than one machine to access the internet simultaneously. Once set up all the potential attacker can see is the router and not the computers connected to it. Unless something called port forwarding is enabled, the attacker hits a virtual brick wall. A router will only stop network attacks. It will not prevent nasties attached to e-mails getting through. Only the precaution of never ever opening attachments from people you don't know and old fashioned common sense will work on these I'm afraid.
Melanie Cresswell, UK

The virus interfered with operating the PC to the extent that it would not allow me to reinstall the firewall software or update my anti-virus
Ged Start, UK
I use firewall software, but for some reason it didn't initiate properly and my PC was compromised. I realised there was a problem when I saw that my PC had sent 400Mb of data while I had downloaded less than 2Mb. The virus interfered with operating the PC to the extent that it would not allow me to reinstall the firewall software or update my anti-virus. In the end I had to re-format the hard disk and reinstall all my software from scratch. I've now switched from a USB ADSL modem to an ethernet modem that acts as a hardware firewall - much better, but not cheap.
Ged Start, UK

There really is no excuse for people to not have anti-virus, firewall and anti-spyware software. Money is no object in getting suitable protection: Zone Alarm firewall, SpyBot Anti-Spyware and AVG Anti-Virus are all free for personal use! I believe that ISPs should make the use of an anti-virus and a firewall be a condition of being allowed to use their service. If ISPs blocked TCP port 25 by default, virtually all spam would be eliminated as this port is the e-mail server port. Spam viruses work by loading an e-mail server on your machine, this is how they are able to spam. ISPs need to be more responsible and proactive.
David, UK

Some one who had my e-mail address got infected with the result I was receiving +600 failed mail messages a day. As I have comprehensive protection, 99% of these were blocked. (This is a home sys). I contacted those I know, however there are still those who have no protection as they firmly believe they can only be infected by opening an infected mail attachment! Fortunately the rogue mail has now stopped, I can only assume they have either patched their sys, or the ISP has blocked the relay.
David, UK

One good thing about virus proliferation is that as each user experiences a disruptive virus they usually look to install proper protection fairly quickly afterwards
John Steer
I agree with Bruno, every car user is required by law to ensure that their vehicle is roadworthy before driving on the roads, and computer users should adopt a similar approach. One good thing about virus proliferation is that as each user experiences a disruptive virus they usually look to install proper protection fairly quickly afterwards
John Steer, UK




SEE ALSO:
New virus exploits MyDoom success
28 Jul 04  |  Technology
Parents 'underestimate' net risks
20 Jul 04  |  Technology
Spam reveals its darker side
14 Jul 04  |  Technology
Microsoft sets sights on spam
29 Jun 04  |  Technology
Spam is making computers sick
23 Jun 04  |  Technology


RELATED INTERNET LINKS:
The BBC is not responsible for the content of external internet sites


PRODUCTS AND SERVICES

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East | South Asia
UK | Business | Entertainment | Science/Nature | Technology | Health
Have Your Say | In Pictures | Week at a Glance | Country Profiles | In Depth | Programmes
Americas Africa Europe Middle East South Asia Asia Pacific