 |
|
Table of contents
What is spyware?
The term "spyware" refers to software that is intended to partly take control of your computer without your consent or knowledge. It usually masquerades as or is included with seemingly harmless and even useful software. Currently spyware is only a problem for users running Windows operating systems. At this time, users of Apple Macintosh computers do not need to be worried about spyware, but this may change in the future. What is spyware doing on my machine?
Every piece of spyware is different, but the sorts of things that it does can be divided into a few broad categories. Most spyware does one or more of these things: Displaying advertisements on your computer. Spyware often causes pop-up advertisements to appear in your web browser, sometimes even when you are not browsing the Web, or even when you are not connected to the Internet. These advertisements are often of an obscene or deceptive nature. The spyware authors, or companies associated with them, get a small amount of money for every ad that they make a user look at. Monitoring what you do on the internet. The creators of spyware are often associated with advertisers or marketing firms, so the software that they sneak onto your computer will often track what you do on the Internet: where you go, what things you search for, what things you buy, etc. Marketing and advertising companies of a less scrupulous sort will pay for this information. Sometimes the middleman is cut out and this feature is combined with the previous one, so the spyware will gather targeted marketing information about you and use that information directly to display targeted ads on your computer. Stealing your personal information. Sometimes the type of monitoring mentioned above extends to monitoring what credit card numbers or passwords you enter on the internet, which can lead to identity theft. Spyware will also often send your web browser to websites that fraudulently pretend to be legitimate, to trick you into entering sensitive information like credit card numbers. Spyware will also often track who you send emails to and look in your address book to gather lists of email addresses. Bulk emailers use these lists to send spam. Sending junk email (spam). If a 'spammer' (someone who specializes in sending bulk junk email, or 'spam') wants to send messages to large numbers of email addresses, they will often do it through spyware. If the spammer were to send a hundred million email messages in a day, they would almost certainly get shut down by the authorities - but if they can infect ten thousand computers with their spyware and make each of those computers send ten thousand email messages, they will be able to get ten million email messages sent without much chance of their actions getting traced back to them. Infecting your computer with MORE spyware! Spyware will often connect to the internet without your consent and download MORE spyware onto your machine, or display deceptive pop-up ads that trick you into downloading more yourself. This means that one piece of spyware on your system can quickly turn into ten pieces, and then into a hundred pieces! Slowing down or crashing your computer. Some of the worst - or at least most noticeable - effects of spyware are unintended side effects. Spyware can make your computer slow or unstable, or even crash it completely. Since most spyware is actually 'hacking' into your computer to do its work, it can often damage your computer in the process. A good analogy is to imagine a sloppy thief trying to pick your lock, and accidentally snapping his lock picking tool off in your lock, ruining the lock in the process. The reason why spyware can slow your computer down is much simpler. Each piece of spyware is just a hidden computer program that is running on your computer. At first, especially if you have a relatively fast computer, this won't make much of a difference; but once you have a large number of them infesting your computer, the computer has to work so hard just to run the spyware that it hardly has enough time left to do anything else. It is as if you were trying to browse the web, burn a CD, listen to music, have ten Word documents open, watch a DVD, and play a game, all at once. Unless you have a pretty powerful computer, it won't be able to do all of that at once. But in that example above, you could just close some programs. Since spyware programs tend to be hidden, they're not so easy to close. How does spyware get onto my computer?
Many of the methods that the creators of spyware use are complicated and technical, but some of the more common methods can be summed up in a few categories: Deceptive banner ads. A lot of pop-up or banner ads that you will run into on the internet will attempt to trick you into clicking on them by pretending to be important system messages, saying things like "Your internet connection is not optimized, click here to fix it" or "Your computer is infected with spyware, do you want to clean it?" Sometimes ads claim to be for downloadable games, or for products that will supposedly protect you against spyware and popups. Clicking on these sorts of advertisements is almost a guarantee of getting spyware or viruses on your system, because even if you don't click "yes" to anything, there are ways for spyware to sneak onto your system just by clicking on a popup link. Note: The way that most Internet advertising works can seem a bit odd, and can be dangerous. People who want to place advertisements pay large Web advertising companies, who in turn pay website owners to display the ads. Unfortunately, even though it looks to you like the advertisements are part of a webpage that you are viewing, they are actually inserted into the web page by the advertiser - so the owner of the website often has no control over what ads actually show up. This means that even a completely legitimate and trustworthy website can contain deceptive or fraudulent advertisements, or even ads that will put spyware on your computer if you click on them. A good metaphor for internet advertising is this: Treat any advertisement on the Web with the same skepticism that you would have towards a strange man trying to sell you something in an alley, even if the alley is next to respectable business. Email attachments. An email attachment - even one that looks like it is from someone who you know - can contain a virus or a piece of spyware, ready to install itself on your computer. Disreputable or unscrupulous websites. Unfortunately, there are ways that the owner of a website can cause spyware to be installed on your computer just by the act of visiting their website, by exploiting flaws or security holes in your Web browser. Most of the worst security holes are in Internet Explorer, and while Microsoft tends to fix these problems after they are discovered, new security holes are being found and exploited all of the time. If you have not updated Windows or Internet Explorer recently, you are even more vulnerable, since an old version of Internet Explorer will contain many security holes commonly known to the creators of spyware. Other software. A common way for the creators of spyware to spread it is to package it with a seemingly legitimate piece of software. Possibly the best known example of this is WeatherBug, which, by itself would be a useful program to give you weather alerts and other useful information. Unfortunately, when you install WeatherBug, you are also installing a few pieces of spyware in the process. Other pieces of software that have been known to come with a hidden package of spyware include, but are not limited to:
Other spyware. As stated above, many types of spyware, once on your computer, will download and install other pieces of spyware without your knowledge, allowing a small spyware 'infection' to snowball into a spyware 'infestation'.
How does spyware differ from viruses?
Spyware usually is software created so that a company (albeit an unscrupulous one) can profit by hijacking your computer. It finds its way onto your computer either directly from the company, from the person who created it, or through a middleman. It generally doesn't spread on its own directly from computer to computer. A virus is a malicious piece of software which is generally (though not always) created to perform what amounts to vandalism. It will disable or damage computers, delete files, etc., and will spread from computer to computer by its own means. Sometimes it will send copies of itself to others via email, or connect directly to other computers on your network or through the Internet. If I already have antivirus software, why do I need to worry about spyware?
Antivirus programs like McAfee or Norton Antivirus are good programs, and are an important part of keeping your computer working well. However, since different pieces of spyware function in very different ways, the tools that can easily fix viruses are usually not useful for removing spyware. It's like your doctor treating a sore throat one way if it is a viral infection and another way if it is a bacterial infection. All you know is that your throat hurts, but the doctor will have to prescribe different drugs depending on the nature of the infection. Companies that make Antivirus software are working on adding spyware protection to their products, but as of the writing of this document, none provides good protection against spyware. What can I do about spyware?
One option is to use a computer system which is not susceptible to spyware, such as an Apple Macintosh. However, this is not an option for some users for a variety of reasons. For people using windows, spyware is a big problem, but an ounce of prevention is worth a pound of cure. Use a web browser other than Internet Explorer. While security flaws are not unique to Internet Explorer, it tends to be the least secure Web browser. Unfortunately, some websites (most notably bank websites and internal company websites) are designed to function only with Internet Explorer. On the other hand, these sorts of websites are unlikely to give you spyware. The best option is to install a more secure web browser, such as Mozilla Firefox, to use when you browse the web, and to use Internet Explorer only when you absolutely have to.
Some recommended web browsers to use as an alternative to Internet Explorer:
Firefox is considered by many to be the best, fastest, more secure web browser currently available, as well as one of the easiest to set up and use. It also includes fairly good pop-up blocking and tabbed browsing. It is completely free. Firefox is the web browser recommended by Technical Reinforcements. The creators of Firefox (the Mozilla Foundation) also produce a free email program, called Mozilla Thunderbird, which can be used in place of Outlook or Outlook express.
Netscape has been around since shortly after the beginning of the web. It is not made as efficiently as Mozilla Firefox, so it may run a little bit slower, and the interface is a little bit more complicated, but some users prefer it. It also comes with an email program (which can be used to replace Outlook or Outlook Express) and is completely free.
Opera has also existed since the early days of the Web, though it is not as well known as some other web browsers. It also offers pop-up blocking, tabbed browsing, an email program, and many other features. Its popularity has been somewhat limited by the fact that the free version used to display small advertisements to support the authors - but this is no longer true. Opera is free, and does not display any advertisements itself (though as with any browser, web sites can display their own ads) There is also a "Premium" version available for purchase, though the free version works just fine. Make sure your computer and web browser are up to date. While even a brand new version of Windows, Internet Explorer, or other software can contain security holes that let spyware onto your system, such vulnerabilities tend to be fixed after they are discovered, so an up-to-date version will contain far fewer security holes than an old version. You should set Windows to automatically update itself by going to your Control Panel and selecting 'Automatic Updates' (in Windows 2000 and early versions of Windows XP) or 'Security Center' (in later versions of Windows XP). If you are not sure if your computer is up to date, you can manually update your software by going to http://update.microsoft.com/ Use anti-spyware software to scan and clean your computer. A good software scanning program with up-to-date spyware definitions will provide both prevention, and a good degree of cure. But beware! A lot of programs claim to be spyware removal programs, but will actually make your computer worse, by installing spyware or viruses. Never click on an advertisement that claims to be for anti-spyware software, because nine times out of ten, it will be deceptive. Here are some legitimate spyware removal programs:
Ad-Aware is one of the two programs that Technical Reinforcements recommends for spyware removal. It is easy to use and to install, but if you find it at all confusing, Technical Reinforcements can provide you with usage instructions. Ad-Aware is completely free, though there is a version that you can pay for that makes scanning and protecting your computer easier and more efficient. You can also check out our helpful guide: "How to use Ad-Aware"
Spybot is the second of the two programs that Technical Reinforcements recommends for spyware removal. It is also easy to use and set up, though not quite as easy as Ad-Aware. It also provides 'immunization' against some common pieces of spyware, stopping them before they start. Spybot is completely free, though the website does encourage donations. It is safe to give a donation if you wish to. Beware! There are a lot of illegitimate websites that will come up if you just search the Web for 'Spybot', so be sure not to attempt to download it from anywhere other than the website listed above. You can also check out our helpful guide: "How to use Spybot"
Spysweeper is a piece of commercial software, and is not free. It is a legitimate program, but Technical Reinforcements does not recommend it, because while it often works fine, we have seen it fail notably on a number of occasions, and on a few occasions even cause damage to a user's computer. It is, however, a real spyware removal program, and not the sort of dangerous fake that you were warned about above, so if you want to purchase it, you can do so at the above link, or at any computer store. Since no program is perfect, and because the creators of spyware are clever, no program will catch 100% of spyware 100% of the time. This is why Technical Reinforcements recommends using both Spybot and Ad-Aware on your computer, for maximum safety. If you run both programs once every week or two, you will have a good chance of remaining mostly spyware-free for a long time. If all else fails... Of course, it is still possible to infect your machine with spyware accidentally by downloading and running a malicious program or clicking on a deceptive advertisement, and some spyware programs are hard or impossible to remove automatically; but most users who follow our advice will find that their computers work much better, for much longer, and with far fewer calls to tech support. Also, if you already have a large amount of spyware on your computer, or if something particularly bad gets into your computer, even the advice given in this section may not be able to keep your computer running well. If you think your computer might have spyware, is slow, is giving you an excessive number of pop-ups, or just generally "acting funny," please give Technical Reinforcements a call, at (612)-720-0233. We will also be happy to help you if you simply want help understanding how to keep your machine clean and running well.
|
|
Onsite Computer Service - Networking Support - Minneapolis, Twin Cities Call us today at 612.720.0233 to schedule an appontment © 2008, Technical Reinforcements, Inc. (Web Design - Minneapolis Web Design) |