I'm a guy, and as a guy sex gets my attention. But the kind of sexually oriented spam I\u2019ve been getting lately is way over the line. Because my mail client, Thunderbird, catches spam but lets me see it before deleting it, I know what\u2019s coming into my email box.\n\tIn the last few weeks, I\u2019ve noticed that I\u2019m getting 10 or more emails every day with subject lines that either promise a link to a site full of X-rated photos, or offer to help guys who don\u2019t have confidence in their sexual abilities. I won't be more explicit, but you know what I mean. And of course, I never click on the links the messages contain.\n\tNor do I make a practice of visiting X-rated sites where I might have been the victim of a drive-by. By coincidence, I recently spoke to a friend who never visits sex themed sites, and she has been getting the very same emails. This is odd, I thought, so I called McAfee, a security company that spends a good deal of time tracking trends in malware, to see if our experiences were simply random.\n\tIt turns out they are not, says Adam Wosotowsky, a messaging data architect with McAfee. After looking at a few messages I forwarded, Wosotowsky said it appears they are related to a well known spambot known as Cutwail. A quick Web search then told me that another security company, M86 Security Labs, noticed a large volume of Cutwail-generated spam back in February.\n\tAs I mentioned, I never click on links that are part of messages that are obviously corrupt, but researchers like Wosotowsky can, since they do it in a contained environment known as a sandbox. Much Cutwail spam, he says, is related to the sale of off-brand pharmaceuticals. Click on a link that promises nude pictures and you\u2019ll wind up on a site offering to sell you drugs (medicines, not heroin or marijuana) at a huge discount.\n\tAlthough it's difficult to prove, Wosotowsky believes that pharmaceutical companies in India and China are the ones selling the drugs. Typically, they\u2019ll find an advertising company to work with, and that company in turn will find an email distributor, who hires yet another company to actually email the spam using a botnet. There may even be a company hired to handle the billing.\n\tIt's unclear who in that chain other than the company actually using the botnot is aware that something illegal is going on, says Wosotowsky.\n\n\tEmail Product Looks to Reduce Spam False Positives\n\tTwitter Files Lawsuit Against Alleged Spammers and Spam Tool Providers\n\tIt's important to realize that the drugs offered for sale this way are probably counterfeit. They may not work at all, or they could contain something dangerous. Given the high price of drugs in the United States, it may be tempting to buy them, but you're taking a serious risk.\n\tThere's something else going on as well. Botnets work by infecting computers, copying their address books and sending that information to the botnet server, which in turn uses the contaminated computer to send out the spam. That\u2019s why you might get a note from someone you know that's really spam. Your friend didn\u2019t mean to spam you, but his or her address book has been compromised. Clicking on one of these links could turn your PC into a spam-spewing zombie.\n\tYou already know that you should keep your anti-virus programs up to date, and never click on a link or an attachment from someone you don't know. But those counter-measures might not help if you visit a site that uses Flash or PDFs that execute automatically when you visit them and then contaminate your browser. One way to defend against that kind of attack is available to users of Mozilla\u2019s Firefox browser, says Wosotowsky.\n\tIt's a plug-in called "noscript" that stops those nasties from executing. Of course, most Flash on the web isn\u2019t harmful and you might want to see it. If you do, noscript gives you the option of seeing it work one time, or every time you visit that site.