I must admit that I get very tired of opening my email accounts only to see spam email after spam email, reminding me that enlargement, growth, and natural male enhancement techniques can all be mine if I just click on the enclosed link.
It didn’t take long to establish that the driving force behind the majority of these annoying emails is the well established Storm bot network. Security experts maintain that the Storm bot network continues to be leased to online pharmacy spammers.
The Storm Trojan which first appeared in Europe more than a year ago, takes its name from the content contained in emails relating to extreme bad weather striking parts of Europe at that time.
Those users who were enticed into clicking on links enclosed in the email were directed to a web site that included malevolent code designed to infect Windows PCs with the aim of turning the now infected machine into a spam bot.
The initial success and the continued implementation, in various forms, of this highly sophisticated malware attack has led to the creation of a botnet of unprecedented proportions; a colossal spam-producing network.
According to Bradley Anstis, Vice-President of Products for Marshal, a leader in integrated email and Internet content security solutions, the Storm botnet was responsible for 20 per cent of all spam email sent in the first quarter of 2008.
Marshall is currently monitoring five botnets, including the Storm botnet, believed to be responsible for approximately 75 per cent of all spam currently in circulation. Heavily promoted products on all of these botnets tend to be male enlargement drugs, replica watches and sexually explicit material. The strategy employed by the owners of these botnets is particular ingenious since there’s a strategic crossover with the products being promoted by all five of these botnets.
Frighteningly it is accurate to say that these botnets are getting increasingly larger every day. According to the U.S. Federal Bureau of Investigation, there are at least 1 million botnetted computers in the U.S. Worst, some security firms estimate that currently there are as many as 10 million botnetted machines worldwide. In fact, some researchers believe that this may just be the part of the iceberg we can see above the waterline.
Not surprisingly such large numbers of infected machines have produced some of the most powerful networked computer systems in the world. As a result, many industry analysts are convinced malware and phishing attacks from these botnets can be expected to increase in frequency.
A more frightening possibility involves the potential power of these botnets being turned against secure computer systems in the government, commercial, and industrial sectors in brute-force attacks. Some have argued a coordinated attack, such as the one we witnessed last year against Estonia’s infrastructure, is inevitable.
For your own benefit it’s obviously important to keep your computer from becoming infected and becoming a part of this problem. Perhaps it’s less obvious that we all share a responsibly to help protect other computer users on the Internet from becoming infected. The way to do that is to ensure that you are part of the solution; not part of the problem created by running an insecure machine, or by engaging in unsafe surfing practices.
As I have pointed out in the past on this Blog, the following are actions you can take to protect your computer system:
· When surfing the web: Stop. Think. Click
· Don’t open unknown email attachments
· Don’t run programs of unknown origin
· Disable hidden filename extensions
· Keep all applications (including your operating system) patched
· Turn off your computer or disconnect from the network when not in use
· Disable Java, JavaScript, and ActiveX if possible
· Disable scripting features in email programs
· Make regular backups of critical data
· Make a boot disk in case your computer is damaged or compromised
· Turn off file and printer sharing on the computer.
· Install a personal firewall on the computer.
· Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
· Ensure the anti-virus software scans all e-mail attachments
· Install McAfee Site Advisor, WOT (my recommendation), or a similar browser add-on
| Share this post : |  |
 |
 |
 |
 |
 |
 |
 |
Bill Mullins' Weblog - Tech Thoughts 