Spam has gone beyond just irritating, the Federal Trade Commission warns. It has become downright dangerous.

"This new generation of spam is no longer a mere annoyance to email recipients and a burden to ISPs; often it is a vector for criminal activity," the FTC's Spam Summit report, released on December 28th, concludes. The document summarizes the findings of the Commission's Division of Marketing Practices on spam and "phishing."

Not your grandfather's spam

In the relatively innocent 1990s, spammers used automated search software to "harvest" e-mail addresses off Web sites, then dumped them into scripts to mass market products via email. The messages used phony headers so you couldn't trace them to their source.

But those were the good old days, the FTC report explains. Today's New and Improved spam sends you malicious "bots" that implant software in your computer, turning it into part of a network of hosts that send unprecedented quantities of spam into cyberspace.

And the spam doesn't just try to get you to buy V1a@ra; it directs you to "phishing" sites—phony Web pages that look like your banking, credit card, or cell phone account site—then tells you the site crashed and needs you to submit your account information again in the hope that you'll fall for this dodge and the spammer can rob you silly.

Other types of "malware," the FTC warns, can dramatically slow down your computer, or even worse, install key recording software that will record your every keystroke—that's right, including the strokes that spell out your credit card and banking account number.

Fast flux

One million Internet Protocol (IP) addresses get shanghaied into coordinated spam attacks every day, the FTC survey says, assaulting 50,000 computers in any single instance.

Spam experts call the phenomenon "fast flux," and say that about 12 million computers world wide are compromised by malicious bots, most of them located outside the United States. With so many computers under their control, spammers can quickly switch the infected computer IP addresses that they use in order to evade detection by authorities.

And it's getting easier to become a malicious spammer, the FTC reports. Rogue software developers are offering spam/spyware programs for less than $20 a copy; some even come with technical support.

U.S. consumers paid seven billion dollars in costs due to malicious spam in 2007, the Spam Summit report says. 850,000 households had to replace their computers after being spammed or phished. The Federal Bureau of Investigation discloses that over 200 government Web sites have been compromised and turned into spam delivery systems.

Fighting spam

Consumers can protect themselves from malicious spam, the FTC says. Spam filters work and every e-mail user should get one. Studies repeatedly show that using such filters effectively blocks most spam.

"The implication of this finding is that ISP spam filtering technologies continue to play an integral role in reducing the amount of spam messages delivered to consumers’ inboxes," the FTC concludes.

The Commission also warns that listing your e-mail address on a Web site puts that address at high risk of getting plucked, "but that postings on other website locations, such as chatrooms, message boards, social network sites, and video posting sites were far less likely to be harvested."