Stay updated with the latest cybersecurity news.

What is Spyware?

By Reason Cybersecurity

on Thu Jun 04 2015

Spyware is software that “spies” on your computer, collecting information about browsing habits and internet usage. It harvests all kinds of personal data like passwords, usernames and credit card information and then sends it back to a third party who uses that information for their own purposes.

The evolution of spyware, Think of spyware as adware’s twin gone bad. Not that adware was so great, to begin with, but as we saw in the What is Adware? the article, their history is intertwined and adware is the more innocent sibling in this case. We learned that adware began its life innocently enough as developers wanted to create targeted campaigns to reach more potentially interested consumers. Very soon though, less scrupulous developers began to experiment with the concept and devised ways to use it for their own benefit.  These new uses teetered on the very edge of spying on people and thus a new industry was born.The term Spyware was first used in 1995 on Usenet when a commenter used it to joke about Microsoft’s business model. Then in 2000, a firewall distribution firm used the term in a press release and from there the term took off in a different direction to its current usage. In the late 1990s and early 2000’s computer games like Elf Bowling, all the rage were being downloaded by the truckload.

Players got more than they bargained for as they also came loaded with spyware. Soon after came browser add-on’s, like Hotbar, which gave users’ emails and cursors much more than just smiley face emoticons. Bonzi Buddy was spyware aimed specifically at kids, claiming to make email more fun…”And best of all – It’s free!”
Today, spyware can be found in many incarnations ranging from registry cleaners professing to clean out unnecessary files from your computer, optimizers that claim to maximize the performance of your computer, stealthy key loggers that piggyback on legit software, recording your keystrokes all the while and many many other variations.

How did I get this spyware on my computer?
Spyware works its way on to your computer using a bunch of different means. Often times it comes bundled with freeware. In this case, the spyware creators pay the legit software makers to include their “wares”. When you download the desired software, you download spyware as well. Distributors get away with this shady business as often times the inclusion of the spyware is actually mentioned in the end-user licensing agreement (EULA) and is ignored. By skimming, or altogether skipping the text of the licensing agreement, you are granting permission for spyware to take up residence on your computer.
Spyware can also come from vulnerabilities within browsers like Internet Explorer. Spyware like CoolWebSearches redirects traffic to ads that deliver pop-ups and change search engine results. Internet Optimizer, aka DyFuCa, also relies on vulnerabilities within browsers. Once installed it redirects traffic from broken links to bogus advertiser pages. Spyware can be included with browser add-ons and optimizers as mentioned above and stay away from file-sharing networks as they are notorious for spreading spyware.
Spyware can infiltrate a system in the form of an ActiveX control update. ActiveX controls are small programs that extend the functionality of websites, like allowing for animation but they can be used for malicious purposes too. Developers create spyware that poses as updates or piggybacks on real updates to infiltrate computers. Sometimes an ActiveX update will pop up asking you to allow it to run. Don’t let it run, whatever you do. Microsoft recommends only installing ActiveX controls you are certain that you need for your PC to run properly.

How do I get this blasted Spyware off of my computer and how can I make sure I never get it again?
If all this hits a bit too close to home and you realize you have a spyware problem, don’t despair. If you can figure out the name of the malicious program, try to uninstall it via the uninstaller on your computer (control panel –>programs and feature–>uninstall). Or use an uninstaller program like Revo Uninstaller. You might need to try this a few times as spyware is notoriously hard to remove fully. Eventually, though, it should be off your computer.

There are a few simple things that even a novice can do to keep safe from spyware:
Read all EULA’s and all pay careful attention to software installers as they run. Sometimes they will outright say something like ”By checking this box you agree to allow company x to give over information to third parties”. If you don’t give it the attention it deserves, it will come back to haunt you.
Make sure you have up-to-date antivirus protection and set up a malware blocker like RCS that runs regular scans on a weekly or even daily basis to check that nothing has been able to get on to your computer. RCS also has Unchecky power built into it to protect you from those trickily-worded installers.
Stay far away from the above-mentioned activities, like installing browser optimizers and activeX updates, and don’t hang around peer to peer networks.
Never install registry cleaners or optimizers.
Say Adios to Internet Explorer. Switch to a more modern browser like Chrome or Firefox.
Happy spy-free surfing!