Halloween? The perfect time to kill some zombies

Halloween pumpkin
Stamp out some ghouls this weekend

This weekend it's Halloween. A time for those of us without children to turn all the lights off and hide under the bed, in case surly teenagers come knocking on our door demanding "treats" with menaces.

Yes, it's all very cute when it's six-year-old kids ringing your doorbell, covered in bedsheets wearing fake vampire fangs, but when it's happy-slappy ringtone-downloading hoodie wearers, Halloween can lose some of its sparkle.

So here's something you can do this weekend to cheer you up while you're avoiding the trick-or-treaters: see if there's a zombie lurking in your house.

I'm not talking about the zombies of 28 Days Later or Shaun of the Dead, but zombie computers - the infected PCs that hackers hijack in order to silently send out spam, steal identities and distribute malware.

It's estimated that over 99% of all spam is sent from innocent compromised computers which, unknown to their owners, have been commandeered by cybercriminals to send out adverts for Viagra and fake FedEx delivery notices.

Hackers control networks of hundreds of thousands of zombie computers, known as a botnet, from a single point - enabling them with one click of a mouse to start a new spam campaign or spread a new computer worm. So you can see that it's essential that computer security starts at home - and everyone does their bit to make sure that they are not adding to the problems on the internet.

So, here is my advice if you want to turn Halloween into International Kill-A-Zombie Day.

1. Scan your computers, and those of your friends (remember to ask permission!), with an up-to-date anti-virus which can detect the latest malware and rootkits. Remember that if your PC is a zombie it won't be announcing the fact by displaying images of skulls dripping gore - announcing that they have infected your computer is not going to help them make money after all.

2. Ensure that your computer is up-to-date with the latest security patches. I don't just mean for Microsoft Windows and Mac OS X (although those are, of course, essential if you want to run a tight ship). What I mean is that you also need to update the security of your web browsers, your PDF reader, your internet plug-ins, and other software that could be exploited by hackers.

3. Always be suspicious of unsolicited email attachments and web links. You shouldn't blindly install any program on your computer without being confident of its nature. You wouldn't pick up a sweet in the street and pop it in your mouth - so why would you trust a website you've never heard of before when it suggests you install a codec to watch the latest nude video of Vanessa Hudgens?

4. Keep abreast of the latest security threats. Follow security blogs and sign-up for notifications of new threats that are emerging. Keeping one step ahead can stop your computer becoming one of the zombies.

You can find out more about International Kill-A-Zombie Day at http://www.sophos.com/killazombie or join the Facebook group.

Have a happy, and safe, Halloween.


Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his blog on the Sophos website you can find him on Twitter at @gcluley.