I Spy

Part One of Two on Spyware

Why Do I Feel Like Somebody’s Watching Me?

Spyware is one of the fastest-growing internet threats. According to the National Cyber Security Alliance, spyware infects more than 90% of all PCs today. These unobtrusive, malicious programs are designed to silently bypass firewalls and anti-virus software without the user’s knowledge. Once embedded in a computer, it can wreak havoc on the system’s performance while gathering your personal information. Fortunately, unlike viruses and worms, spyware programs do not usually self-replicate.

Where does it come from?
Typically, spyware originates in three ways. The first and most common way is when the user installs it. In this scenario, spyware is embedded, attached, or bundled with a freeware or shareware program without the user’s knowledge. The user downloads the program to their computer. Once downloaded, the spyware program goes to work collecting data for the spyware author’s personal use or to sell to a third-party. Beware of many P2P file-sharing programs. They are notorious for downloads that posses spyware programs.

The user of a downloadable program should pay extra attention to the accompanying licensing agreement. Often the software publisher will warn the user that a spyware program will be installed along with the requested program. Unfortunately, we do not always take the time to read the fine print. Some agreements may provide special “opt-out” boxes that the user can click to stop the spyware from being included in the download. Be sure to review the document before signing off on the download.

Another way that spyware can access your computer is by tricking you into manipulating the security features designed to prevent any unwanted installations. The Internet Explorer Web browser was designed not to allow websites to start any unwanted downloads. That is why the user has to initiate a download by clicking on a link. These links can prove deceptive. For example, a pop-up modeled after a standard Windows dialog box, may appear on your screen. The message may ask you if you would like to optimize your internet access. It provides yes or no answer buttons, but, no matter which button you push, a download containing the spyware program will commence. Newer versions of Internet Explorer are now making this spyware pathway a little more difficult.

Finally, some spyware applications infect a system by attacking security holes in the Web browser or other software. When the user navigates a webpage controlled by a spyware author, the page contains code designed to attack the browser, and force the installation of the spyware program.

Part Two next week so beware they may be watching.