Click
Here
for more articles |
|
|
Everything
You Need To Know About Spyware and Malware |
by:
Mike
Christy |
You
are at your computer, checking out software
on EBay. The computer is really sluggish,
and you are not running anything else. You
click on a link, and BLAM you are redirected
to a search page you've never heard of and
the "back" button won't work.
You've got Spyware! Just what is "Spyware?"
The word brings to mind exploding pens and
shoe phones. In fact, software makers have
struggled to define what spyware is, and
is not.
The Anti-Spyware Coalition, a group of companies
that include EarthLink, Microsoft, and Hewlett-Packard,
have recently published a document that
defines spyware as such: "Spyware impairs
users control over material changes that
affect their user experience, privacy or
system security; use of their system resources,
including what programs are installed on
their computers; or collection, use and
distribution of their personal or otherwise
sensitive information"
In simpler terms, spyware "spies" the software
on your computer, personal information,
what web pages you look at, and in some
cases, usernames and passwords. Ugh.
The first spyware distribution was in 1999,
and is attributed to a popular freeware
program called "Elf Bowling." Many users
found to their dismay that this "harmless
game," was sending information to the creators,
Nsoft. This spawned the first anti-spyware
program in the year 2000.
Now, both spyware and anti-spyware programs
are too numerous to count.
There are several types of software that
fall under the generic description of spyware.
Let's look at a few, and what they do.
Adware - adware is an application that displays
advertising banners. The reason this is
criticized is that it can send information
back to the company, who then "targets"
you with specific banners based on the web
pages you've opened. This is different from
clicking on a banner for more information.
This program sneaks in the "back door,"
not "advertising" its presence. Please note
that the word "AdWare" is a trademark of
AdWare Systems, an honest software company.
They are not a part of adware, just share
the unfortunate name.
Key loggers are just that. They collect
the keystrokes you make, like logging into
your bank account, and send it to the hacker.
Now he has your account number, user name,
and password.
Hijackers and Toolbars are another form
of spyware. Hijackers take over your browser,
opening pages you don't want, and preventing
you from opening ones you need - like a
site that tells you how to get rid of them.
Toolbars are the same sort of thing. Now,
you may want to have a toolbar like Yahoo
or Google on your browser. They can make
searches easier, and may have popup or ad
blockers. The malware forms of these try
to look like them, but they have completely
different motives.
Malware is a generic term for "malicious"
software. These programs don't just collect
information; they are out to get your computer.
Technically, these are not spyware, but
a brief explanation seems to be in order.
Malware spreads itself through the computer,
changing files, making copies to send, even
erasing the hard drive. Virus' and worms
are a part of this group.
Other malware programs are "Trojan Horse,
or Backdoor." These hide quietly in your
computer until you connect to the internet.
Then they creep around your browser, "reporting
in" to the owner, who then uses your computer
"address" to send out virus's, malware,
and spam. Some hackers link several computers
to send so much nonsense information to
a particular web site that it is overwhelmed,
causing it to shut down.
How does spyware end up on your computer?
You're not going to like this . . . but
most likely you loaded it on yourself! Wait!
Before we get nasty letters, let us explain.
Remember those "smileys" you downloaded
last week? How about the cute cursor the
nine year old picked? Most of these "free"
programs have spyware attached, or imbedded
in them. Even Adobe Reader loads a "Yahoo
search bar" when you update the reader.
Remember when you installed the program
and that gray box popped up with a thousand
lines of small print? Did you read it? I
doubt anyone does. The spyware distributor
counts on that. If you do manage to slog
through the legalese, and stuff only advanced
programmers would know (or care about),
there will be a few innocuous lines, something
along the lines of: "this program will collect
information to better your enjoyment of
this program," or "a web search toolbar
will be added to your browser." When you
click on the "accept" button to install
the software, you have also agreed to the
spyware program.
Another way is when a box pops up claiming
to be legitimate software needed to view
the site properly, or that it is an update.
It only has a "yes" button, implying that
you are required to allow the download.
These are copying legitimate updates from
places like Microsoft, or Macromedia.
Just what is spyware going to do to your
computer? Anything you can do, he can do
better. It is an executable that can record
keystrokes, read your files, watch your
word processing program, change your home
page, add and delete files, read your cookies
(with personal info), then "phone home"
with the info. Some spyware will crash your
browser if you try to uninstall it. Others
may "pretend" to be uninstalled, but they
wait until your back is turned to load itself
back on your system.
You don't know how the stuff was loaded
on your computer, but it is causing all
kinds of problems. The computer is running
slower, certain programs are not working,
and on occasion, you see the dreaded "blue
screen of death." (crash). Don't worry,
you are not alone According to an October
2004 study by America Online and the National
Cyber-Security Alliance, 80% of surveyed
users' computers had some form of spyware,
with an average of 93 spyware components
per computer. 89% of surveyed users with
spyware reported that they did not know
of its presence, and 95% reported that they
had not given permission for it to be installed.
Now what do you do? There are several good
"spyware removal" programs out there. But
be warned! There are also a number of programs
that claim to be anti-spyware that do not
work, or worse add more spyware to your
system! A good resource for "suspect" spyware
is the list at:
http://www.spywarewarrior.com/rogue_anti-spyware.htm
They have a list of over 200 programs that
claim to take care of spyware, but may not
do what they claim.
Once you get your computer "clean," how
do you avoid getting "dirty" again? There
are firewalls and programs designed to watch
for known spyware. When you register, the
"known spyware" definitions can be updated
on a regular basis.
You could use a browser other than Internet
Explorer (most spyware exploits problems
here). This writer loves Mozilla Firefox
- it's free at www.mozilla.org
Our lawmakers are doing their best to stem
the tide of spyware/malware. For example,
in Washington State, USA, it is illegal
for anyone other than the owner/operator
of a computer to install software that alters
web browser settings, monitors keystrokes,
or disables computer security software.
The Gibson Research Corporation, www.grc.com,
has several free fixes to "plug holes" in
Internet Explorer's security.
There is hope. In 2005, NY Attorney General
Eliot Spitzer brought suit against Intermix
Media, Inc. Intermix's spyware program spread
by drive-by download (loaded without permission),
and installed itself in such a way it was
very difficult to remove. Intermix settled
for $7.5 million dollars.
Spyware is here to stay. Your best bet is
to be informed - know the tricks used by
spyware to load itself. Use a firewall or
spyware blocker program. Most important,
understand exactly what that new program
will install on your innocent computer.
About the author:
ABOUT THE AUTHOR:
Mike Christy is the owner of http://www.spywarecenter.infowhich
is a free information site providing the
latest Spyware news and instructions on
how to remove Spyware from your computer.
Circulated by Bandoni
Media
|
|
