Spyware has to be the most talked about PC security threat of 2005. It has now surpassed the computer virus as the No. 1 menace to computer user both at home and in the enterprise. Despite efforts from Microsoft and independent security software companies, the spyware menace is set to continue through 2006 and beyond. The research firm Radicati Group expect worldwide anti-spyware revenue to surpass $1 billion by 2010.
There are numerous types of spyware with some more dangerous than others. At one end of the spectrum spyware pushes annoying ads to your computer as is usually referred as Adware. It is still spyware as the ads are generally pushed to you based on your surfing habits. A bad infection can also dramatically impact your computers performance as your desktop slowly gets overwhelmed with pop up adverts.
At the other end of the spectrum spyware programs can record what you do on your computer including individual key strokes. This information is then shared with a third party. This data is then sold to marketing companies or used to profit from. For example, the program may have captured your bank log-in details or credit card information.
Profit from these activities drives spyware development and deployment. According to anti-spyware vendor Webroot Inc advertising revenue generated from spyware is much more lucrative than trying to generate profit through Spam Email.
Here are the common ways spyware gets onto your computer:
Bundled with free software like screensavers or P2P file sharing programs which you download. For example Kazaa, a P2P file-sharing application, installs adware onto a users computer even though it claims to contain no spyware. Waterfalls 3 from Screensaver.com installs spyware and Trojan horses. Examples are courtesy of a report from StopBadware.orgs website.
Opening Spam email attachments.
Being enticed into clicking on links in pop up adverts which then downloads spyware. These pop ups usually display messages to do with winning money or entering a special prize drawer.
Drive-by downloading this is when spyware is automatically downloaded onto your computer from the website you are surfing.
Earlier this year a report published by the University of Washington revealed categories of websites which are mostly like to host spyware or infect users through drive-by downloads. Their research revealed the following categories:
Music download sites (I interpret this to mean illegal music sharing sites like dailymp3.com or where you can find P2P applications)
Wallpaper / screensaver sites
Here are some tips and strategies to reduce the chance of spyware infection:
Switch on your browsers pop blocker.
Install an anti-spyware tool with active protection which helps prevent infection in the first place.
Keep Windows and other Microsoft applications like office up to date with the latest patches.
Use SiteAdvisor (http://www.siteadvisor.com). This is a free plug-in for your browser which tells you whether a site is safe or not based on their testing. This is new software which is highly recommended.
If you are a frequent visitor of the high risk categories please consider changing your surfing habits or at least making sure your system is fully protected.