Graham Cluley, a senior technology consultant for Sophos, said Wednesday that the increasing use of broadband Internet connections and a general lack of security awareness have resulted in about one in threebeing redirected through the computers of unsuspecting users.
"There are lots of people on cable modems and broadband connections that haven't properly secured their computer," he said. "They don't know it, but their PC is being used as a relay for sending spam to thousands and thousands of other people. We believe that 30 percent of all spam"--or unsolicited commercial e-mail messages--"is being sent from compromised computers."
Cluley said that if a Remote Access Trojan (RAT), a type of Trojan horse program, is able to get into a PC, an attacker could, as long as it is connected to the Internet. "They can steal information, read files, write files, send e-mails from that user's name--it is as though the attacker has broken into the office or home and is sitting in front of that computer," he said.
Get Up to Speed on...
Get the latest headlines and
company-specific news in our
expanded GUTS section.
There is also a very small chance that PC owners will have any idea their system is being used by a third party, said Cluley, who warned that attackers could remove any traces of their activity so that there would be no obvious record: "It is really just network and Internet bandwidth that is suffering--there is no permanent record left on the PC that you can look up--you wouldn't see anything if you checked your Outlook 'Sent Items' folder," he said.
Sophos is also concerned that there may be a connection between virus writers and spammers. Cluley pointed out that the groups have similar interests, and he said he knows of worms that have attacked antispam Web sites.
"Antispam Web sites have been knocked out by these viruses," he said. "Why is that? We all suffer from spam. Virus writers are either working with spammers or they are the spammers."Munir Kotadia of ZDNet UK reported from London.