
Spyware

What is Spyware / Adware?

Spyware and adware are both forms of malware. While not normally a risk to your computer files or programs, they pose a great threat to your privacy. Also, unlike most forms of malware, spyware and adware are sometimes created by legitimate corporations and used legally, albeit without knowledgeable consent on the part of the user.

Spyware:

Legitimate - "Legal" spyware normally consists of monitoring programs that are installed when you install another program. The purpose of the spyware, in this case, is usually to track what webpages you go to, and report the findings to the company. The information collected is used to improve marketing.

Illegitimate - Illegitimate spyware is one of the largest threats to personal information security. This type of malware does not come with a EULA, or if it does, it is so obtuse and confusing that even a careful reading will not reveal the software's full operation and purpose. The worst forms of spyware compromise the confidentiality and integrity of your entire computer. That's because spyware begets more spyware. Spyware accumulates on your PC over time, adding more and more components in dribs and drabs via the network. Spyware vendors support the installation of each other's products on the target computer. This makes good business sense. If I install your spyware product after I install my product on a machine I've targeted, you will do the same for me. This increases our distribution network. As a business model, this is a win-win for spyware vendors. It's a big loss for the computer owner. Over time, a system will become so bogged down with spyware that owners will just abandon their machines and buy a new one. Consumer Reports stated in the September 2006 issue that nearly a million U.S. households did just that. Total damage from spyware is estimated at $2.6 billion.

Spyware is a favorite money maker for Bot Masters. They are paid on a per placement basis. If they can install spyware on your unprotected machine, they can earn money from the spyware developers. The developers don't care how their software gets installed on your computer. Their value lies in volume. The more machines their software is installed on, the more data they collect.

The Price of Free is Your Privacy
The best way to get spyware is to install something you've downloaded for free from the Internet. Animated cursors (Talking Homer), screen savers, and weather monitoring software can all come with spyware. File sharing applications are notorious for bundling spyware with their products. If you want to test this, check the number and names of the programs installed on your PC before installing a file sharing product, using the list found in the "Add or remove programs" utility in Control Panel. Then check the same list again after you've installed the file sharing application. You will discover that you've installed much more than one piece of software...and you will not be given an uninstall option.
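The before-and-after comparison described above can be scripted instead of read off the screen. The following is an added example, not part of the original page: it snapshots the registry Uninstall keys that back the Control Panel program list and reports what changed between two snapshots. The function names and snapshot file paths are illustrative assumptions.

```powershell
# Added example (not from the original page). Function names and file
# paths are illustrative assumptions.

function Get-InstalledProgram {
    # Registry locations that the Control Panel program list is read from:
    # 64-bit machine-wide, 32-bit machine-wide, and per-user installs.
    $keys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion, Publisher |
        Sort-Object DisplayName, DisplayVersion -Unique
}

function Save-ProgramSnapshot {
    param([Parameter(Mandatory)][string]$Path)
    # CSV keeps the snapshot readable and easy to archive.
    Get-InstalledProgram |
        Export-Csv -Path $Path -NoTypeInformation -Encoding UTF8
}

function Compare-ProgramSnapshot {
    param(
        [Parameter(Mandatory)][string]$Before,
        [Parameter(Mandatory)][string]$After
    )
    $old = @(Import-Csv -Path $Before)
    $new = @(Import-Csv -Path $After)
    # '=>' marks entries present only in the later snapshot.
    Compare-Object -ReferenceObject $old -DifferenceObject $new `
                   -Property DisplayName, DisplayVersion, Publisher |
        ForEach-Object {
            [pscustomobject]@{
                Change    = if ($_.SideIndicator -eq '=>') { 'Added' } else { 'Removed' }
                Name      = $_.DisplayName
                Version   = $_.DisplayVersion
                Publisher = $_.Publisher
            }
        }
}

# Usage: snapshot, install the application, snapshot again, then compare.
# Save-ProgramSnapshot    -Path "$env:TEMP\programs-before.csv"
# Save-ProgramSnapshot    -Path "$env:TEMP\programs-after.csv"
# Compare-ProgramSnapshot -Before "$env:TEMP\programs-before.csv" -After "$env:TEMP\programs-after.csv"
```

Software that never registers an uninstall entry will not appear in either snapshot, so an empty comparison does not prove that nothing extra was installed.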

Spyware & Stalking
The most insidious form of spyware is a keylogger. This tool, readily available in many forms on the Internet, is designed to record every keystroke typed by a user. That includes passwords, social security numbers, credit card numbers, web sites visited, instant messages, and the contents of emails. Keyloggers can be combined with other software that sends this information to a remote host where the data can be analyzed and exploited. It's not only criminals who are interested in this information. Keyloggers are being marketed to domestic partners and spouses as a way of tracking their partners' activities online. In a recent case that resulted in indictments of both the perpetrators and software developers, a product called LoverSpy was installed on the victim's machine via an electronic greeting card. LoverSpy then sent all the information it collected back to the stalker.

Adware:

Legitimate - Adware is often less dangerous than spyware, but can be a more annoying form of malware. Like spyware, there are legitimate implementations with EULAs. A good example is AOL Instant Messenger, which installs an ad-player that runs through different ads on the messenger's "buddy list". Some versions also include ads on the individual IM window.

Illegitimate - Adware can still be dangerous, however. The more obnoxious versions redirect your browser, preventing you from visiting certain web pages, and even changing your home page. More often than not, the sites you are sent to are pornographic in nature. Adware can install unwanted "toolbars" or other items on your web browser.

Additional Information:

Please note that MALWARE FREE is one of the University's network standards. Keeping your device clean is important for your information's protection, as well as that of other University network users. It is recommended that you run scans for adware and spyware at least once a week (the more you browse the Internet, the more you should run the scans). For descriptions and instructions on anti-spyware tools, please see the links below:

Information on different Security Tools.

Information about the university Network Standards.

Information on How Anti-Spyware Applications Work.
