As a person directly involved with the support and operation of a respectable sized ISP it amazes me the number of Internet users who are still unaware of the issues with Spyware and Adware type programs. Daily we talk to dozens of users who complain about poor performance and misbehaved computers, and they assume it is an issue with their ISP. It has become the job of network administrators and service providers to educate the public regarding spyware in order to gain control of our precious network bandwidth and provide the services that Internet customers demand today.
As I see it, Spyware is one of the largest threats we face today. Every day I deal with customers who want to enjoy the benefits of the Internet that they see their more experienced friends and neighbors taking advantage of. Simple things like getting pictures from the grandchildren, or online shopping are their visions, and yet these new consumers want to just give up on the Internet. Why wouldn't they! With computers now affordable at under $500, and with broadband connections being very affordable and reliable, it is very hard for this "new breed" of Internet consumer to find their computer has been compromised, often requiring costs of up to half the purchase price of their new computer to have the problem fixed. And this is just their experience in the first month. Many times the fix involves a reload of the customer's operating system, and the loss of all those family photos and other things (they didn't back up)! Internet consumer cofidence is still very weak, and spyware is a hurdle we must overcome.
Many people think simply running Antivirus software is enough, and this simply isn't true! Most of us Network Administrators are aware of the concerns surrounding spyware, hopefully this article will make a great link to share with our less informed users.
Methods used and signs you may be infected with Spyware
Reduced performance. Spyware and Adware use system resources, CPU cycles, memory, disk space, and bandwidth, making your system slower.
System instability. Most spyware isn't very well tested or debugged, and there is no way to report bugs or obtain tech support. The result can be system crashes, hangs, or other strange behavior.
Deception. Spyware typically uses Trojan horse tactics in order to infiltrate your computer. It offers to synchronize your PC's clock or keep track of forms, but it is also doing other hidden things while you browse.
Browser hijacking. If your home page has changed, it most likely is due to spyware.
Privacy Loss. Spyware can track the web sites you visit, and send those sites back to the spyware vendor.
Popup Advertising. Have you installed a popup blocker or run a web browser with popup blocking and you're still getting pop-ups? The advertising that pops up may not be coming from the web site you're on, it's probably coming from spyware.
Stolen advertising. Instead of showing the ads that should appear on a web site, some spyware substitutes its own ads which can rob a web site of revenue.
Broken web sites. Spyware sometimes changes the actual content on a web page, and in the process it "breaks" the page. The page may not look correct, or you may get Javascript errors.
Security risks. Some spyware has a built-in update feature that lets the spyware maker download and install new code to your system without your knowledge or approval.
Redirection. Spyware can cause the results of your Internet search or web site selection to be redirected to another site.
Types of Spyware/Adware
Adware
Also known as Adbots, they do a number of things, such as profile your online surfing and spending habits. They also pop up annoying advertising windows while you surf. Adware can be bundled (i.e. peer-to-peer file swapping products) without the user's knowledge. It is often slipped into the fine print of a EULA (End User License Agreements). Adware is not always bad, but the intrusive behavior is often annoying . Keep in mind that by removing Adware sometimes the program it came bundled with may stop functioning. Some Adware may not do anything other than profile a users surfing activity for study. Adware is often obnoxious and performs "drive-by downloads", which are typically accomplished by providing misleading dialogue boxes or other methods of stealth installation. Internet users usually have no idea they have installed an application. Adware creators generally make their application difficult to un-install.
Spyware
Often more dangerous than Adware because it can record your confidential and private information. Spyware is often passed off as a spouse monitor, or a surveillance tool. Spyware is also known as "snoopware". Spyware silently gathers user information and activity without the users knowledge. Spy software can record your keystrokes as you type them, it can gather credit card numbers, passwords, and other very sensitive information. It can record where you surf, monitor interactive chat logs, and even collect screen shots of your activity. Basically whatever you do on your computer can be viewable by the spy. You don't even have to be connected to the Internet to be spied upon. Some Spyware routines mail out user activity via E-mail or posting information to a web-site so the spy can view it whenever they want. Many spyware vendors use "stealth routines" and "polymorphic tactics" (polymorphic is an old virus trick which changes techniques to avoid detection and removal by anti-spyware software). Spyware vendors also attempt to break anti-spyware software, or create routines to re-install the spyware software after it has been detected and potentially removed. Often the anti-spyware software will remove the spyware, and then when you re-boot the system, it recognizes it has been removed, and then re-inserts itself back into the system.
ParasiteWare
A term for any Adware that overwrites affiliate tracking links. These tracking links are commonly used by webmasters to sell products and fund websites. These companies release their software to assist users in getting rebates, cash back shopping and other helpful tools. To the end user ParasiteWare usually poses a low, if any, security threat.
Dialers (Modem Hijackers)
Dialers are a type of software used by porn vendors (also know as "porn dialers"). Once infected with dialer software the user is disconnected from their modem's usual Internet service provider and another phone number is dialed, and the user is billed. Dialers do not spy on users they usually cause huge financial harm to the victim. Consider unplugging the phone connector from a dialup modem when the computer is not in use, or if you use a broadband connection. Also having your telco block 900 calls can also reduce the risk.
KeyLoggers
A form of spyware that runs in the background, recording all the keystrokes a user enters. The recorded keystrokes are then available for the attacker or spy to use for various reasons. Often this is a way for the spy to gather access to critical and sensitive information such as bank accounts. Keyloggers have been around for a while, but are a much bigger concern with modern Internet use.
Page Hijackers
Hijackers are applications that attempt to gain control of the user's browser home page and reset it with the hijackers page. While a low security threat, they are obnoxious, and at times hard to get rid of. Many Hijackers use stealth techniques or trick dialogue boxes to perform installation.
Malware
Malware is slang for "Malicious Software". It is software specifically designed to disrupt a computer system. A worm, trojan horse, or a virus could be classified as Malware. Some advertising software can be malicious in that it can try to re-install itself after you remove it. Malware is generally software engineered to damage your machine and interrupt the normal computing environment.
Chat Loggers & Email Recorders
Chat Loggers and Email Recorders are similar, and make a text copy of all incoming and outgoing email and chat sessions. This information can then be sifted through to see if it contains helpful information.
URL Loggers
Track websites visited online. These were originally used to enhance marketing efforts by supplying the user with information targeted to their interests. While this can be helpful at times, it is often obnoxious and slows down your web experience.
What Can I Do to avoid Spyware?
- Run at least one Anti-Spyware program. I actually run more than one. Some programs remove things that others don't, and some Anti-Spyware software is designed to immunize against becoming infected in the first place.
- Run Pop up blocking software. Most modern browsers now have some sort of "pop-up blocking" ability.
- Avoid the temptation of clicking on pop-up ads
- Consider reading The End User License Agreement (EULA) when loading software, especially the free stuff! Don't just click "Accept". Believe it or not most spyware asks before they install.
- Ensure all patches for your operating system are checked and updated frequently.
Beware of the Anti-Spyware product you select?
Yes there are actually products available on the Internet that pose as Anti-Spyware software, yet actually have spyware components within.
Here is a link to some wonderful spyware resources and tests maintained by Eric L. Howes
http://www.spywarewarrior.com/rogue_anti-spyware.htm
Summary
The information provided above may scare you some, and it should! But in reality the future looks very bright. Spyware is a fairly recent phenomenon, and many people are unaware of the impact. Keep in mind the Internet is really still in its infancy, and huge strides have already been made in the protection from these parasites. I conduct my actions on the Internet very carefully. I keep my Windows patches up to date, run good Antivirus software, and run Anti-spyware software and software to immunize against spyware infection. I still have control over my system, and receive the performance I expect from my Internet provider. Microsoft has also recognized the spyware concern, and has taken action to help protect users of their Windows operating system. Like all new things, the Internet will get safer! The wild west used to be "wild and untamed". It is now settled, and in general a safe place to be!