SPYWARE Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
History and development <ul><li>The first recorded use of the term spyware occurred on October 16, 1995 in a Usenet post that poked fun at Microsoft's business model. Spyware at first denoted hardware meant for espionage purposes </li></ul><ul><li>In early 2000 the founder of Zone Labs, Gregor Freund, used the term in a press release for the ZoneAlarm Personal Firewall. Since then, "spyware" has taken on its present sense </li></ul><ul><li>According to a 2005 study by AOL and the National Cyber-Security Alliance, 61% of surveyed users' computers had some form of spyware. 92% of surveyed users with spyware reported that they did not know of its presence, and 91% reported that they had not given permission for the installation of the spyware </li></ul>
Comparison <ul><li>Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses, however, spyware — by design — exploits infected computers for commercial gain. </li></ul><ul><li>Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information (including financial information such as credit card numbers) </li></ul>
Routes of infection <ul><li>Spyware does not directly spread in the manner of a computer virus or worm: generally, an infected system does not attempt to transmit the infection to other computers. Instead, spyware gets on a system through deception of the user or through exploitation of software vulnerabilities </li></ul><ul><li>Most spyware is installed without users being aware or realise. The spyware automatically installed itself on the computer. </li></ul><ul><li>Since they tend not to install software if they know that it will disrupt their working environment and compromise their privacy, spyware deceives users </li></ul><ul><li>It can also come bundled with shareware or other downloadable software, as well as music CDs. The user downloads a program and installs it, and the installer additionally installs the spyware. Although the desirable software itself may do no harm, the bundled spyware does. In some cases, spyware authors have paid shareware authors to bundle spyware with their software. </li></ul>
Examples of spyware <ul><li>CoolWebSearch , a group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com . It displays pop-up ads, rewrites search engine results, and alters the infected computer's hosts file to direct DNS lookups to these sites. </li></ul><ul><li>Internet Optimizer , also known as DyFuCa , redirects Internet Explorer error pages to advertising. When users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, because password-protected Web sites (HTTP Basic authentication) use the same mechanism as HTTP errors, Internet Optimizer makes it impossible for the user to access password-protected sites. </li></ul><ul><li>HuntBar , aka WinTools or Adware.Websearch , was installed by an ActiveX drive-by download at affiliate Web sites, or by advertisements displayed by other spyware programs — an example of how spyware can install more spyware. These programs add toolbars to IE, track aggregate browsing behavior, redirect affiliate references, and display advertisements </li></ul>
Importance to know about this topic. <ul><li>We can prevent our computers from being infected with spywares or other viruses . </li></ul><ul><li>We can avoid spywares eventhough it doesn’t duplicate itself. </li></ul>
Steps to avoid spyware <ul><li>Be careful downloading files in IM. Never open, accept, or download a file in IM from someone you don't know. If the file comes from someone you do know, don't open it unless you know what the file is and you were expecting it. Contact the sender by e-mail, phone, or some other method to confirm that what they sent was not a virus. </li></ul><ul><li>Update your Windows software. Visit Microsoft Update to scan your computer and install any high-priority updates that are offered to you. If you have Automatic Updates enabled, the updates are delivered to you when they are released, but you have to make sure you install them. For more information, visit the Protect Your PC site. </li></ul><ul><li>Make sure you're using an updated version of your IM software. Using the most up-to-date version of your IM software can better protect your computer against viruses and spyware. If you're using MSN Messenger, upgrade to Windows Live Messenger, which will block attachments that might contain malware and allow you to scan attachments for viruses. For more information, see Windows Live Messenger Overview </li></ul><ul><li>Use antivirus software and keep it updated. Antivirus software can help to detect and remove IM viruses from your computer, but only if you keep the antivirus software current. If you've purchased a subscription from an antivirus software company, your antivirus software may update itself when you're connected to the Internet. </li></ul><ul><li>Use antispyware software and keep it updated. Some IM viruses may install spyware or other unwanted software on your computer. Antispyware software can help to protect your computer from spyware and remove any spyware you may already have. If you don't have antispyware software, you can download Windows Defender. Windows Defender comes with Windows Vista. If you use Windows XP SP2, you can download Windows Defender for no charge. </li></ul>