Virus control: dodging spyware infections: just when you think it's safe to surf in the digital waters again, a new threat emerges.
Spyware is what is now known as malicious software that hides on your computer and sends information about you, your PC, or your Web-surfing habits to someone else on the Internet. Spyware takes many forms. It can be a program that starts over whenever you re-start your computer, Web "bugs" that invisibly track your clicks, or even code that takes over Internet Explorer and steers it someplace you didn't want to go.
Most often, unscrupulous advertisers use spyware to gather information about which Web pages you visit and what you buy online. They use their findings to forcefully deliver ads to your computer that they feel match your interests. In the process, the ad-delivering spyware can clog up your computer, slowing it down or even making it crash. Even the most polite spyware does not have your interests at heart. It's there to help someone, somewhere make money. The end result for you is only lost productivity and frustration.
Spyware also takes more harmful forms. For instance, some spyware can record your keystrokes. These malicious variants can learn your log-ins, passwords, and even your credit card information. The spyware creators swear that they won't exploit this private data.
As its name suggests, spyware uses elusive techniques to sneak its way onto your PC. Here are the three most common methods.
Spyware can hide inside desirable freeware and shareware programs
Next time you download a free scenic screensaver or a cute mini-game, remember that you might get more than meets the eye.
Many "free" applications come booby-trapped with ad-generating spyware. Weatherbug, screen savers and nice backgrounds are perfect examples of this. When you install the application, it also infects your PC with a spyware program. These deceptive applications don't go out of their way to advise you of the attached spyware. At best, they bury information about the spyware deep within their complex End User License Agreements. Spyware creators know that most users don't read these lengthy legal documents.
Luckily, you won't find spyware bundled with every freeware and shareware offer. Instead, spyware tends to partner itself with legally-suspect Internet applications. For instance, spyware seems particularly fond of Peer-to-Peer applications (best known as music-sharing programs. Many P2P programs, such as Kazaa, eDonkey and Exeem, have come bundled with spyware.
Spyware can hide on the Web pages you browse
You don't have to try to download something from a Web site to get infected. Spyware often hides in the code of Web pages. By taking advantage of Web browser vulnerabilities, particularly those found in Internet Explorer, spyware can secretly download and install itself onto your computer without your knowledge.
Legitimate Web sites have accidentally introduced spyware to their visitors through spyware-infected banner ads. Ironically, when spyware on your PC generates pop-up ads, you can get doubly infected by new spyware in those ads.
Thankfully, most legitimate Web sites don't deal with spyware creators. You're most likely to encounter it when wandering the darker neighborhoods on the 'Net. Sites containing pornography, illegal software, illicit product serial numbers, and online gambling present the most risk for spyware infections. But pleasant-looking sites can hide danger, too. In general, any offer on the Internet that seems too good to be true, probably is.
Spyware can hide in HTML e-mail
Since certain types of Web sites tend to spread spyware, you can just avoid those sites. Not exactly. If you won't go to spyware, it'll come to you. The same people spreading spyware also have strong affiliations with junk e-mailers and spam. These methods can exploit the same vulnerabilities used on Web pages, to deliver spyware right to your Inbox via HTML e-mail advertisements. They send out millions of Web-based e-mails advertising anything from Viagra to fake Rolex watches. Just by opening one of these unsolicited HTML e-mails, you can unknowingly infect your PC with spyware.
Avoid bad neighborhoods on the 'Net. Web sites dealing in pornography, illegal software, and gambling have a higher chance of containing spyware. As a general rule, avoid straying into the dangerous part of the Internet.
Free software isn't always free. Carefully consider the "free" software you download and install. If spyware is attached, you'll end up paying for that freeware with pop-up advertisements or advertisers hijacking your Web searches. Before installing a free program, check to see if it shows up in Spyware-Guide's (www.spywareguide.com) or Spy Checker's(www.camtech2000.net/Pages/ SpyChaser.html) lists of known spyware. Don't forget to read the software's license agreement. Where possible, stick with well-known brands of software that have a reputation to protect.
Don't use peer-to-peer software. Not only do their installers tend to include spyware, but the software you download "for free" while on a P2P network may include spyware, viruses, and worms. Dump Morpheus, Kazaa, Limewire and other P2P and music-sharing software.
Don't open unsolicited e-mail. Simply opening certain unsolicited e-mail messages can trigger spyware infections. Don't open spam.
Ask your network administrator for anti-spyware tools. We have had success using Ad-Aware (www.lavasoft.com), Spybot (www.safer-networking.org) and the more recent Microsoft Anti-Spyware (BETA) tool. No matter which tools you choose, keep them up to date.
Tweak Internet Explorer's Security Settings. In Internet Explorer, click Tools, then Internet Options, then the Security tab. You should set Internet Explorer's security level at least to Medium. Click the Default Level button and then move the slider to Medium. As an extra tweak, click the Custom Level button and scroll down until you see Scripting. Now, disable Active Scripting. This helps prevent malicious Web sites from automatically installing spyware. It might also disrupt legitimate scripts, so check with your network administrator before taking this step.
Be careful who uses your computer. Following all these tips won't help if you share your computer with someone else who doesn't follow them. An infringement mistake by another employee could open the floodgates to your computer's spyware infestation.
You can dodge annoying spyware infections by following these simple tips. Prudent care and use of what is still a valuable business tool, the Internet, will yield the best results.
Dave Masterson, a Microsoft Certified systems engineer, is the chief technology officer for SIGN-A-RAMA, EmbroidMe and BillboardConnection. He can be reached at firstname.lastname@example.org.
|Printer friendly Cite/link Email Feedback|
|Date:||Jul 1, 2005|
|Previous Article:||Effective use of the Internet: a guide for franchise systems.|
|Next Article:||Recognizing achievement and anticipating the future: Planet Beach links certification to success.|