Spyware

Leeches in cyberswamp

Spyware is parasitic software installed on your computer without your knowledge. Spyware collects information from your computer files and your activity online, and sends it to some third party.

Spyware is becoming more devious and harmful. Adware (benign spyware) spews out popup windows with *urgent* or *tempting content. Spyware is increasingly used for organized online crime. PC World has the story behind spyware. Click "Printer Friendly Version" at the bottom of the first page if you want to read the article all on one page.

Somewhere around 90% of computers used online are infected with some spyware. Earthlink found that 30% of their users had a serious number (scores) of these parasites on their computers. People often don't have a clue that anything's wrong until their computer is deathly ill. [Grokster]

Even relatively benign "adware" can be a problem. If too many leeches attach themselves to your computer it will become enemic, crash and just act weird. Each parasite can add files, folders, cookies, DLLs, and Windows Registry entries. Each one steals memory, CPU cycles and connection bandwidth. [example]

More on spyware, and the top 25 spyware and adware threats.

How does spyware get in?

Malicious Code: Some spyware gets in as an email attachment, network worm, or other malware vector. Most spyware gets in by deception though.

Bundling: Some spyware comes bundled with free (and maybe useful) programs -- file-sharing, screen savers, or other free utilities. It is often installed by stealth. There are dozens of bogus anti-spyware programs, for example

Popups: Spyware is often a hidden payload of an insistent or tempting popup. Typical message: you need additional software to clean your computer, view a webpage, or some other malarkey.

Drive-by Downloads: It is possible for malicious email webpages to install spyware when you view it, even though you don't click on anything. Keeping Windows patched is the best defense against this hazard.

These days, "malicious or 'specially-crafted' webpage" includes anything from a personal comment on a webpage, to a personal page on a service like MySpace, to an advertisement. "But," you may say, "I never go to risky sites." That's no longer very relevant. :-) Anything can bite.

Hardware: The installation CD may contain inviting "bonus" software which conceals spyware. In my case, a "reputable" hard drive manufacturer included spyware on the CD that came with it. Being paranoid, I checked it out first, and skipped the grief.

Even though the name may imply otherwise, all spyware is not illegal. You may get a obscure notice in a long, complicated user agreement (EULA). Who reads those things? :-) If you click OK, you have just given permission for them to install the spyware, and that makes it legal. :-(

Warning:

Watch out for bogus "Spyware Removal" programs. They prey on the fear of spyware that people now have. You'll commonly see a pop-up warning that your computer is infested with spyware, but their program can take care of it for you. They are invariably scams. It's Ju-Jitsu all over again. :-) Some just waste your money. Most are are intrusive to boot, and some are vicious.

A short :-) but incomplete list of programs that install parasites: SpyAxe / SpyBan / SpywareNo / AdWare Remover Gold / BPS Spyware Remover / Online PC-Fix / SpyFerret / Spy Wiper / SpyBlast / SpyGone / SpyHunter / SpyKiller / SpyKiller Pro / SpywareNuker / TZ Spyware-Adware Remover / SpyAssault / InternetAntiSpy / Virtual Bouncer / AdProtector / SpyFerret / SpyGone / SpyAssault / [more]

What does spyware do?

Keystroke Loggers:: Particularly dangerous spyware: Captures all your keystrokes, both when you're online and offline, and then sends them to the spy master. Your keystrokes include passwords, account numbers and credit-card numbers.
Browser hijackers:: Software that changes web browser settings to switch home pages or hijack search functions, for example. It makes it easier to track, steer or dupe users.
Spybots:: Classic spyware that snoops in your files and email, monitors your behavior, collects logs of your activity, and then transmits the information to the attacker. The danger is on a par with keystroke loggers. The information is often used to craft a convincing scam.

Even if you dodge the bullets, adware and spyware have unintended side effects. Get too many--a dozen or so--of these aggressive parasites on your computer and it will run slower, crash more often and operate strangely. These rogue programs are not designed to be secure, so they can be gateways to other attacks. Not a pretty picture.

What can I do about spyware?

Prevention is the best cure.
Advice on removing spyware.

How do I know if my computer is infected?

Earthlink and Webroot (Spy Sweeper) found on average around 25 instances of spyware on the many PCs they checked in 2004.

Symptoms that indicate your computer might be infested with spyware:

Your computer runs slower and slower, and may crash more often.
You get a lot of Porn popups, no matter where you browse.
Your modem is active when you're connected to the Internet, but not doing anything.
Your computer dials on it's own.
New favorites (browser bookmarks) are added without your knowledge.
Your browser's start page keeps changing to some strange Web site.

Some of the most dangerous spyware is very discrete. You'll need good anti-malware tests or software to root it out.

Don't use public PCs like the ones in Internet Cafes or Public Libraries to do business online. Many of these public machines have surveillance software, like keyloggers installed. Guess where your information goes -- right to fraudsters who know how to use it to clone your identity for their own use. [more]