FTC Targets Zombie Spammers

The Federal Trade Commission (FTC) launched a new anti-spam campaign today, this time targeting hijacked or “zombie” computers. Routing e-mail through zombies allows spammers to hide the origin of their unsolicited messages.

The FTC and its international partners will send letters to more than 3,000 ISPs around the world, urging them to employ protective measures to prevent their customers’ computers from being taken over by spammers.

The next phase of the operation will be to identify likely spam zombies around the world as well as the ISPs that operate the networks that are hosting them. The FTC will then notify those providers of the problem and urge them to implement corrective measures.

The FTC suggestions to ISPs include what is known as “port 25 blocking,” the communications channel used between an e-mail client and an e-mail server. Port 25 blocking forces e-mailers to send traffic through their ISP’s Internet Access Provider’s outbound (SMTP) mail servers.

In addition, the FTC is urging ISPs to apply rate-limiting controls for e-mail relays and identifying computers that are sending atypical amounts of e-mail. When necessary, the FTC says, ISPs should quarantine the affected computer until the source of the problem is removed.

The campaign, known as “Operation Spam Zombies,” also contains a heavy dose
of consumer education, including awareness programs and providing or
directing consumers to zombie removing tools.

“Computers around the globe have been hijacked to send unwanted e-mail,”
Lydia Parnes, director of the FTCs Bureau of Consumer Protection, said in a
statement. “With our international partners, we’re urging Internet service
providers (ISPs) worldwide to step up their efforts to protect computer
users from costly, annoying and intrusive spam ‘zombies.'”

The new anti-spam campaign by the FTC follows two similar efforts targeting
other spam anonymizing techniques: “Operation Secure Your Server” in 2004
and a campaign against “open relays in 2003.

Joining the FTC in the zombie targeting effort are the Department of
Commerce, Department of Homeland Security and 33 countries.

News Around the Web