A friend called me one day, frustrated out of his mind that his computer was acting very strange. When he opened his Internet Explorer, it sent him to a strange site and pop-up windows kept covering his screen. He even complained about the performance of his Intel Pentium 4 computer system, stating it was running a lot slower than two weeks prior. I told him that it sounded like a bad case of a spyware infection.
So what is this spyware? Spyware is software that collects personal information from your computer without your knowledge of the occurring event. Information gathered from spyware ranges from the collection of all web-browsing activities to collecting sensitive information like usernames, passwords, address and even your social security number. Spyware has the ability, when installed, to modify system settings, which perform undesirable tasks on your computer system. Furthermore, spyware has been known to redirect user’s web browsers, cause computers to dial services for which they are billed and install DLLs and other executables files to send your personal data to another computer. This is done by using the computer’s memory resources and also by utilizing bandwidth, as it sends information back to the spyware’s home server via the user’s Internet connection. Because the spyware program is using memory and system resources, the applications running in the background can lead to system crashes or general system instability.
Some of the more notable spyware programs are listed below
- Bonzi Buddy
- Gator, made by the Claria Corporation (Advertising, pop ups, privacy violation, significant security risk, partially disables firewalls, some stability issues)
- Internet Optimizer (Advertising, fake alert messages, possible privacy violatiom, security risk)
- lop (advertising, pop ups, security risk, tries to dial out at random)
- MarketScore (Claims to speed up Internet connections: serious privacy violation, loss of Internet connection on some systems)
- New.net (security risk, stability issues, common cause of inability to connect)
So, how does a person acquire one of these spyware programs anyway? Well, spyware can be installed onto your computer system through many different methods. You might be the target of spyware if you download software, music or free games off the Internet from unknown websites. Spyware is hidden in freely available software, and when you download and install the software, the spyware programs are injected into your system. Since the software is free, an abundance of users usually download them without reservations.
The other method of obtaining spyware on your computer system is through the security flaws in Internet Explorer (IE). IE makes it very easy for spyware to be installed on your computer without your knowledge. This process is occuring through ActiveX and Active Scripting. These two technologies are designed specifically for the purpose of giving websites more control over your computer. Unfortunately, as we have seen or experienced firsthand, that’s not always a good thing. IE has proving to be a useful entry point for hackers, providing an easy way for them to plant malicious programs onto your computer system.
The backbone for big time spyware are ad-serving networks that pay publishers of games, utilities and music/video players per download, to include their ad serving programs. Ad serving networks are DoubleClick, Web3000, Radiate, SaveNow, GAIN.
A number of programs that enable the adware networks to function on desktops are bundled in many popular programs and often (not always!) presented in installation disclosure screens as desirable add-ons to their Trojan horse hosts. All collect information. Included in TopText, Cydoor, OnFlow, Medialoads, Delfin, WebHancer, New.net.
These popular Internet downloads usually come with the ad serving network basic software and at least one stalking horse. Included in KaZaa, Grokster, Morpheus, Limewire, AudioGalaxy, iMesh, DivX.
Stand-alone programs that incorporate similar approaches have no links to ad serving networks and collect information from users. Included in Alexa, Hotbar, Comet Cursor, eWallet, CuteFTP, BonziBuddy.
Netscape Navigator and Internet Explorer will still send out existing cookies even after disabling cookies in the browser settings. You must manually delete any/all cookie files on your system to eliminate being tracked by third-party ad networks, spyware and adware providers.
Protecting your computer from spyware
Here are a few tips on detecting, removing and protecting your computer system from spyware.
Watch what you download
Before you download anything from a Web site do some research, such as asking friends or checking other resources you trust. Spyware can be intrusive and often difficult to delete. Sometimes, people actually wipe their hard drives clean and start over again just to get rid of them.
Beware of freeware programs
Before you download anything from a Web site do some research, such as asking friends or checking other resources you trust. When you install any program make sure you read the message on each window before you click “Agree” or “OK.”
Know good cookies from bad cookies.
These little text files have a bad reputation. But much of that is based on ignorance. Cookies actually perform valuable services. For instance, they can shoot you right into a site so you don’t have to enter your password.
Install a personal firewall
Personal firewall can assist in preventing establishment of unauthorized connections from your computer to remote computers.
Install a Spyware detection and removal program
Spybot, a freely available program is definitely good spyware and adware detection and removal.
Install a Virus Program
Popular anti-virus products such the latest versions of McAfee VirusScan and Norton Anti-Virus 2004 now include adware and spyware scanning.
Make sure your Windows software is always current. You can do this by visiting Windows Update and by enabling Automatic Updates. For detailed instructions, see our story about updating your Microsoft software.
Adjust your Internet Explorer (Web browser) security settings
If you change the security level to “low,” Web sites will be able to download software to your computer without telling you, so be careful when using this setting. If you need to change the security level to low for some reason, change it back to medium or higher as soon as possible.
Aside from the questions pertaining to ethics and privacy concerns, spyware is very annoying. The bright side in curbing this annoying situation is more entities are joining the battle to help out the end user. Virus companies are bundling spyware detection and removal software in their new releases, and some Internet service providers (ISPs) are introducing protection from adware and spyware. For example, America Online (AOL) announced in January spyware protection as an enhancement for AOL 9.0 Optimized.
I’ve even heard of users, so annoyed with spyware who stated they stopped using IE and switched over to another browser as their web browser of choice to access the Internet, while another user threaten to switch their computer system altogether to a Macintosh.
This problem will not go away quickly, but it should be more manageable in the near future as more users become aware and educated with spyware, the new annoying threat.