Everyone is familiar with spam or junk email: Unsolicited messages that find their way into our inbox.
While sometimes just an annoyance, spam can have more malicious intent – such as phishing and malware propagation. But where does all this spam come from? Zombies, of course. In order to carry out massive projects, attackers often use a botnet (a portmanteau of “robot” and “network.”)
A botnet is a group of computers that have been infected with a virus that allows an attacker to secretly control them. These computers are often called “zombies.” Botnets can be used for anything from phishing to DoS (denial-of-service) attacks and spam propagation. When the authorities try to trace the attack back to the culprit, they are led back to a zombie computer and an unknowing victim of a bot.
By exploiting weaknesses in a computer’s operating system, an attacker will send in a small program (the bot) that will turn the user’s computer into a zombie. Now that the attacker has access, your zombie computer will join the hoard and can be a part of a massive army used to carry out an attacker’s will. Antivirus experts estimate that at least 12 million computers are part of a botnet.
Follow the tips below to identify a computer zombie, and how to protect your computer from turning into one:
- Your computer is suddenly sluggish, even when no extra programs are running. Other identifiers may include encountering errors when trying to download or access antivirus or antispyware programs, seeing unfamiliar programs accessing your Internet, and noticing your email outbox is full of messages you did not send.
Note: In reality, it is very difficult to determine if your computer is part of a botnet without advanced knowledge. A sophisticated bot will hide all traces of itself on an infected computer. Attackers don’t always exploit the same weaknesses when turning computers into zombies, making detection even more difficult.
- Always use antivirus and antispyware software, and keep it up to date.
- Always make sure that your firewall is turned on and that all computers on your network have a firewall.
- Never open email attachments that you are not familiar with. Even if the email is from someone you know, they may have been the victim of a bot as well. If you aren’t expecting the attachment, don’t open it
- Always keep your plugins and operating systems up to date. Internet browsers (Explorer, Chrome, Firefox, etc.) and Adobe plugins (Flash Player and Reader) are often targeted. Most of these programs have an automatic updating feature.
- When browsing the web, do not click on pop-up ads. These will often automatically install malware on your computer.
- Remember, prevention is an active process. Remaining vigilant against suspicious emails and websites is key.
Have questions? We're here to help!
If you have questions about cybersecurity, or if you want to learn more about how to stay safe online, contact the Information Security Office (ISO) at: infosec@miami.edu
