Cyber Security: How to Avoid Spyware
Spyware is software that resides on a computer and sends information to its creator. That information may include surfing habits, system details or, in its most dangerous form, passwords and login information for critical applications such as online banking. Many spyware programs are more annoying than dangerous, serving up pop-up ads or gathering e-mail addresses for use in spam campaigns. Even those programs, however, can cost you valuable time and computing resources.
Often, spyware comes along with a free software application, such as a game or a supposed productivity booster. Once it’s downloaded to your computer, the functional elements of the software work exactly as promised. At the same time, the information-gathering system sets up shop behind the scenes and begins feeding your data back to headquarters.
In many cases, the hidden activities of the software are clearly described in the end-user license agreement (EULA) that is displayed during the installation process. This protects the developer from potential legal action because they can prove you knew (or should have known) that the program included this functionality when you installed it. Most of us, however, don’t read EULAs because they are long, boring and written in hard-to-understand legalese. As further proof that there’s a software application for everything these days, you can now obtain software that will read EULAs for you and display a warning if keywords or phrases indicate there’s a spyware risk.
Other Types of Malware
In addition to spyware, there are other kinds of invasive programs that can make your computing life miserable, so it’s worth it to take a moment to define a few terms:
Short for malicious software, is a general phrase used to define any program that runs on a computer without the user’s knowledge and performs predetermined functions that cause harm. In that sense, spyware can also be malware.
This refers to programs that display pop-up advertisements. The subject matter of the ads is often based on surfing habits, but may also be tied to a specific advertiser.
A virus is a program designed to spread itself among files on a single computer or computers on a network — usually the Internet.
A worm spreads itself around a network by making copies of itself as it spread. They also may be capable of changing their profile to avoid detection.
Like the infamous horse of Greek mythology, the computer version takes on the appearance of something benign, such as an update or add-on to an actual program. Once on your computer, it may perform harmful functions such as erasing your hard disk or deleting all your image files. Like spyware, a Trojan may also gather information and send it to the developer.
While cookies aren’t specifically malware, they can be used in similar ways. Cookies are small data files used by Web sites to store information on your computer. For example, a shopping site may want to identify items you’ve looked at, but not purchased, or store data on current purchases until you head for the checkout. A less scrupulous site, however, may decide to look through your cookies for personal information, such as recent sites you have visited.
The Effects of Spyware
In its most benign form, spyware can gather data on your Web surfing habits and serve up ads for specific products or services. It can also turn your computer into a zombie system, sending spam e-mail messages to your contacts and far beyond. Your system can also be used to store data, such as e-mail lists, personal information or illegal images. Some spyware programs are designed to capture every keystroke and mouse click, allowing hackers to follow you around the Web in real-time, as you log in to your bank account or other important sites.
When it comes to spyware, the best defence is a great offence. Taking action to avoid getting spyware on your computer in the first place helps prevent you from becoming a victim. That is, of course, easier said than done. However, there are some actions you should take to guard against the spyware threat:
- Keep Windows up-to-date by setting up automatic updates in the control panel. Microsoft issues critical updates at least monthly. Many of those are designed to eliminate or avoid specific spyware threats.
- Install an anti-virus software package and keep it updated at all times. There are many of these available, some of which are free. The most popular brands include Norton, Microsoft Defender, McAfee, Spybot, Search & Destroy, Pest Control and Grisoft. Your Internet service provider may offer a utility or guide you to a recommended solution, too.
- Don’t download shareware (or anything else for that matter) from unknown sources. Seek out reliable providers of free utilities, such as download.com.
- When you do download software, read the end user license agreement before committing to the installation. When in doubt, do not install the software.
- Don’t click on any pop-up or advertisement for free anti-spyware software. These are almost always fake, even if they carry the name and logo of a well-known publisher. Ironically, this is a very popular method used to distribute spyware and other malware. If you’re looking for anti-virus software, go directly to the company’s Web site and be sure you’re where you think you are.
- Set your browser and operating system security level to at least the medium setting (or higher) for best results. You may see a few more warning messages, but it’s a small price to pay for security.
- Install a firewall and, if you have a home network, use a separate router, rather than sharing the Internet connection through one of your computers. This puts one more barrier between you and the bad guys.
- Avoid questionable Web sites. If you visit a site that seems strange, there’s a good chance you shouldn’t be there.
- If a virus alert appears on your screen as you visit a Web site, don’t click on it, even to close it. Instead, type control-alt-delete to launch the Task Manager and use the “End Task” command to close the window. Next, use your anti-virus software to run a complete scan of the system.
- Never open an e-mail attachment if you’re uncertain of its source.
If, despite all your efforts, you find your computer has spyware on it, stop working immediately and disconnect the computer from the Internet to avoid passing any information to the bad guys. Run a comprehensive scan using your anti-virus software. It’s also wise to contact the help desk of the company that manufactured your computer for advice on how to proceed. Your Internet service provider may be helpful, too.
Updated anti-virus or anti-spyware software will probably catch the errant program, display a warning and take care of the problem for you. Again, that’s only if you have a solid protection package in place and are keeping it and your operating system updated at all times.
If all else fails, you may have to reformat your hard drive, reinstall the operating system and software and copy your data back to your drive. While painful and time-consuming, this solution also serves to clean up the system, eliminating unused applications and data. This is almost certain to make the machine run faster and increase the space available on your hard drive. Just be sure you have a recent, clean backup of your data before taking the plunge.
While the number of threats to computers seems to increase almost daily, the defence mechanisms available to protect them are also growing in number and sophistication. Today, most users can protect themselves from spyware through the vigilant application and maintenance of the operating system and reputable anti-virus software.