What is it? "Spyware"?
Spyware programs are applications that compile information about a person or organization without their consent or knowledge. These programs normally steal data about users which could be used for advertising or for other financial gain.
The type of information stolen by these programs varies considerably: email login details, IP and DNS addresses of the computer, users’ Internet habits or even bank details used to access accounts or make online purchases. Of all the spyware in circulation, the most dangerous examples are those that steal data related to online banking. These are the infamous banker trojans.
Within this category, one specimen which has been highly active recently is Trj/Sinowal, a kit sold on some Russian forums which allows the buyer to create bespoke banker Trojans to launch an attack.
Another notorious case of spyware in action involved Trj/Rona.A, which was used for industrial espionage in Israel in 2005.
Who sends it?
Spy programs are created by cyber-crooks, who sell them on the black market to be used in online fraud and other cyber-crime.
There is some controversy surrounding what is actually spyware, as some people consider adware or even some toolbars to be variations of spyware. While this may be true to a certain extent, adware programs, as such, are not used with criminal intent, but to advertise products and services, and the information collected does not include users’ bank details, but rather Web pages visited or favorites, etc.
How does it reach users?
Spyware is installed on computers without the user’s knowledge. It can be installed when downloading certain content from the Web or from P2P networks, when installing freeware, or simply when visiting dubious websites.
Generally, these spy programs are installed when the user agrees to install other applications, which unbeknown to users, include a caveat in the legal agreement whereby users agree to install the spyware. This, in theory, makes many spy programs legal, except when they are used to steal identities or bank details, etc. These are normally the cases in which banker Trojans are installed on users’ computers.
At Panda Security, as you can see in the diagram below, we have witnessed the dramatic expansion of this type of malware in the last two years:
How can you protect yourself?
To protect yourself against this ubiquitous type of malware, we offer a series of practical tips:
- Don’t download content from dubious or unknown websites.
- Keep a close eye on downloads made over P2P networks.
- If you think you have been infected by spyware, try to uninstall it through the usual Control Panel - Add/Remove Programs option. If that is not possible, run your antivirus program to remove it.
- If you don’t have an antivirus, you can install any of Panda Security’s solutions to give you full antisypware protection against these and other threats.
- Analyze your computer for free and check out if it is spyware free.
- Download Antivirus free antivirus solutions, choose the software that best suits your needs.