Spyware - Public Enemy Number 1
Overview
Recent surveys of IT managers and security firms identify spyware as public enemy #1. Businesses report spyware incidents rising sharply in recent months. Typically associated with unprotected home PCs, spyware could soon qualify as the top security headache in the corporate world. When queried as to which posed a greater security threat to networks, 10% of the respondents chose phishing, 23% said viruses and 67% replied spyware. And while spyware has turned into a key security concern for those managing corporate networks, its negative impact on home users appears even more detrimental. Because of spam, spyware and related problems, it is estimated that about 44 percent of home users use email and the Internet less today than they did one year ago.
The problem has become so serious that even Microsoft has worked to combat it at the OS level. With the release of Windows XP SP2 in 2004, the company redesigned Internet Explorer with a pop-up blocker and included a more-robust firewall. And since then, Microsoft has included anti-spyware utilities built into the latest releases of their operating systems.
Regardless of how a PC gets infected, the results can be serious: compromised company security, overloaded networks, and significant user downtime and inconvenience. Although the symptoms of a system that's overwhelmed with spyware vary, the primary indicators include sluggish performance, broken Internet connections, and possibly even an unusable PC. Plus, ultimately, your identity and private information may be compromised. On a corporate level, spyware can compromise network and data security, corporate assets and trade secrets.
Aside from potential identity theft, many spyware programs steal from you by cluttering your computer's memory resources and eating bandwidth as it "talks" to the spyware's home base using your Internet connection. This could lead to your computer suffering system crashes and/or slower performance.
There are some observers who think that the spyware epidemic is overblown -- at least where corporations are concerned. Since most spyware comes from users installing 'free' content or questionable software they claim that at the enterprise level businesses have the talent and budget to create and enforce policies that prevent people from installing things themselves. However, others disagree noting that misspelling a common domain name can land on a domain that will inject spyware into your PC. In fact, it is difficult to avoid getting spyware if you surf the Internet at all.
Definition of Spyware
Many analysts and administrators agree that while spyware's impact is rising, its definition remains elusive. The umbrella term most commonly refers to a wide range of unethical software, from difficult-to-uninstall toolbars to home-page hijackers and pop-up window generators. In a poll of security administrators and IT managers more than half of the respondents said that most users don't know what spyware is -- which may partly contribute to its growing threat. A common definition of Spyware is any program or technology that aids in gathering information about a person or organization and which is capable of locally saving or transmitting those findings without the user's knowledge or consent.
Below is a list of some of the most "successful" offenders:
PurityScan displays pop-up advertisements onto your computer whenever you are online. It induces you to install it by claiming to find and delete pornographic images.
n-CASE delivers targeted pop-up advertisements to your computer -- it is often bundled with freeware applications.
Gator has the ability to display banner advertisements based on your Web surfing habits and is usually bundled with free software programs.
CoolWebSearch has the ability to hijack your Web searches, home page, and Internet Explorer settings.
Transponder is an IE Browser Helper Object that monitors requested web pages and data entered into online forms, and then delivers targeted advertisements.
ISTbar is a toolbar used for searching pornographic web sites that displays pornographic pop-ups and hijacks your homepage and Internet searches.
KeenValue is a program that collects personal information and delivers advertisements to your computer.
Bargain Buddy delivers targeted pop-up advertisements to your computer based on key words you enter while surfing the Web.
Internet Optimizer hijacks error pages and redirects them to its own controlling server at http://www.internet-optimizer.com.
Perfect Keylogger is a monitoring tool that records all visited web sites, keystrokes and mouse clicks. It is usually installed manually.
TIBS Dialer is a dialer program that hijacks your modem and dials toll numbers, usually to access pornographic "pay" Web sites.
How Does Spyware Find You?
You visit a few web sites on the Internet
You download freeware/shareware applications
You swap music or photos with other users
You open spam email messages or open attachments
Other people use your computer
Symptoms of a Spyware Infection
Different default homepage
Unusually slow Internet access -- Spyware clogs bandwidth because it is importing information while sending out information about the user or their habits
Reduced computer productivity -- Spyware slows the system because it operates in the background
More frequent pop-up ads
New or different search toolbars
Unidentified toll charges on your phone bill -- a dialer can initiate outgoing calls from your PC to 900 numbers with the sole intention of generating large phone bills
Spyware Protection
In an effort to help in the fight against the spyware epidemic, Microsoft has been focused on getting their anti-spyware software updates to users as quickly as possible. The company claims that people are reporting spyware-related issues more than ever, and that over one-third of the reported crashes in their applications are related to spyware issues.
There are several ways that one can minimize the threat that spyware poses to us all. These include:
Practice safe surfing
Apply fairly secure configuration settings to your browser
Delete spam email
Be wary of cookies -- these may add convenience to your browsing, but they can also track your activities and relay that information back to third parties. The outbound communication caused by cookies also slows your Internet connection
Be wary of peer-to-peer file sharing services
Run anti-spyware software -- the most highly regarded are Spybot-Search & Destroy, Spy Sweeper and SpywareBlaster. Actually, running a "cocktail" of the three is the most effective. However, some spyware programs insert themselves in Internet Explorer's Trusted Sites -- and even the anti-spyware software won't remove them from there. So it is necessary to clean that out manually. This can be accessed from IE's main menu by selecting Tools -> Internet Options -> Security -> Trusted Sites
Steve Leytus is a senior software engineer and develops applications for NutsAboutNets.com. For more information about AirSleuth 2.4 GHz Spectrum Analyzer and other low cost, PC-based diagnostic tools for installing, optimizing and trouble-shooting 802.11 (Wi-Fi) wireless networks please visit http://www.NutsAboutNets.com.
Streamyx TmPointStreamyx Telekom
Streamyx Kuala Lumpur
Streamyx
Streamyx Installation guide
Streamyx broadband
Streamyx Registration
Streamyx Online registration
Streamyx
Streamyx Combo
Streamyx Promotion
Streamyx Promotions
Streamyx Blog
Streamyx Discussion
Streamyx Technical