Spyware: Underestimated and Overrated

Having been a computer support technician, one of the most prevalent questions I have received from average computer users is "What is Spyware?" For those of you who don't know, there is no exact, official, generally-agreed-upon definition to the term, but here goes my interpretation. Spyware is, loosely, any software program, suite of programs, file, control, Adware, Malware, worm, or virus whose mission is to either gather data about you or your computer, display advertisements, launch pop-ups, or simultaneously cause damage or dysfunction to your PC. What a mouthful! (This may be on my machine?!?)

A little history:

As malicious software first arose on the computing scene, its scope was basically limited to software whose mission was solely to damage your PC. These simple but deadly programs were termed "viruses." They were created for no other purpose than to incite terror and wreak havoc. As the Internet progressed and more people went online, other, more advanced and clever malicious software began to arise that took advantage of interacting with the user and the ability to transfer data across the World-Wide-Web. Destruction turned to profit via illicit means. More annoying applications that were not truly malicious in the same respect, like those that spawned pop-up advertisements, also started to multiply out of control, some less-than-reputable firms began collecting every bit of information about anyone who crossed their radar, and once harmless applications started resorting to near-guerrilla means to convince someone to buy their products.

Initially this new wave become known as "Spyware," for one because of the way it tended mask its real agenda, posing as those helpful tools of yesterday, like a simple toolbar. Regardless of the scientific specificness of the term or lack-there-of, I would argue that "Spyware" was the term in vogue no matter what the infection, so long as the clear source of an infection was blurred by multiple components, making a clear presence to the user and causing disruption. More recently however, as clear differences in these types of programs have become apparent, and in the industry's goal to differentiate between their own infection-removal products, the industry has attempted to lessen the confusion caused by such a broad term as "Spyware." By classifying dangerous software using additional terms in conjunction or categorically with the term "Spyware," there is now a separation between harmful, annoying, and interactive that the public can understand.

The "Flavors":

Software that mainly displays advertisements and pop-ups, for example, is now referred to specifically as "Adware" by many. A program that may or may not display ads but which has the intention of actually causing damage to your PC, yet is not necessarily a detrimental virus, may now be called "Malware." "Malware" may, for example, delete or corrupt all Word documents. Attempts by software to convince you to give out your personal information, regardless of whether "Adware," "Malware," or "Spyware" initiated the ruse, are now called "Phishing Scams." "Spyware" is now distinctively used generally to refer to software that intends to lie dormant or mask its true intentions in order to steal some sort of critical data, passwords, credit card numbers or similar information by spying on your activities on the PC; but the broader, more general use of the term does still exist. Programs that may fall under the term "Spyware" may include Key-Stroke-Loggers, Tracking Cookies, or Trojan Horses. Any program designed to hijack your PC to send mass e-mails, transfer illicit data, or any program that may slowly embed itself across your PC and over time cause damage may be called a "worm." "Worms" are often some malicious code included in a seemingly harmless e-mail. "Viruses" are still basically the same. They attack and destroy.

Whatever you call it though, most people can agree on one thing: that these programs can be dangerous and that we need to get rid of them. In recent years some opportunistic entrepreneurs have tried to help with that quest, and have produced some pretty elaborate tools to assist us in combating the flood. Unfortunately though, with the sheer number of malicious programs that are now out there, as well as the increasing competition between companies who combat it, what you may often find is that any one dangerous piece of software may be classified differently, depending on who is making the list and checking it twice. Questions arise: 'Is this new infection we've found called Adware, Spyware, or is it a virus? Do we consider what this program is doing to be harmful? How harmful?' Suddenly the clear classification of these infectious components starts to break down once again. Ultimately, some programs classified as malicious Spyware by one company may be considered safe or legitimate by another. Thus the real end to the confusion is still likely a ways down the road.

So how bad is it?:

Despite the lack of clarity, I do hope that by now I have gotten your attention to the fact that malicious software, whether it be "Spyware," "Adware," "Malware," or just a "plain, unauthorized security risk," is bad, and has become ghastly enough to the point that it now warrants these kinds of debates. I don't need to cover the seriousness here of something called a "Tracking Cookie," or a "Key-Stroke-Logger." You get the idea that you don't want someone logging your keystrokes, i.e. recording what you type, or tracking your movements online. I'm also pretty sure that everyone is now familiar with pop-ups and advertisements. If it hasn't occurred to you, all of this can also lead to identity theft too. One quick swiping of your SSN or bank account number and Johnesta Doesit can become John Doe at your home bank. Hence "it goes without saying" that Spyware should not be underestimated for its cleverness and damage potential.

Now that I have tuned you into the threat, let me be completely objective, for I have not been. There are "two sides to every coin," aren't there? Let us see the other side. We always talk about Spyware and the like to be so dangerous and prevalent nowadays that you could cut it like butter; but what do the numbers really show? When people report Spyware problems, is that the only problem they're always having, or was that even the real problem? Was the Spyware on a person's PC their own fault, and have they known it was there all along? How many people have truly had their identities stolen?

We talk about how Spyware is seriously malicious, terrible, unrelenting, and detrimental, yet is it really so absolutely gruesome that it is taking over the world? The confusion over what is and is not a security risk or malicious program may itself be leading to confusion and misunderstanding as to exactly what "damaging effects" Spyware may really be causing. The "fear-factor" alone could easily be the source of people's perception that the threat is greater than it may actually be. Consider my other findings. Most people I've serviced for Spyware-related problems have experience decreased system performance as a result of unwanted programs, but few, very few of them have actually experienced monetary damages, account hijackings, or identity theft. Lots of infections are also easily removed.

A government probe by the Department of Commerce that attempted to discern the approximate number of people who have and who will have their identities stolen originally determined that the majority of the population would experience some sort of fraudulent identity issue within their lifetime. Though a more recent amendment and update to that study has now, with more people online and even more passwords for the taking, has concluded that the original figures were overzealous and that the risk was far, far lower. Security has increased 1,000 fold everywhere. Is it not conceivable that we caught the problem early enough and that the Spyware makers and hackers are the ones really feeling the bulk of the strain? I know that most people still don't know what steps to really take to protect themselves, but I do know that the public is becoming more cautious and protective of their information, and they are learning to recognize discrepancies better than they have in the past.

That has to be contributing to a decline in harmful effects of some net gain. Another thing to consider is the slew of recent issues involving companies accidentally giving out people's personal data. Several studies combing the willingness of companies to admit they have sprung leaks have found that most have been historically less than forthcoming. The threat from those forms of security lapses may actually be a bigger threat than hackers trying to break in or any amount of Spyware installed on the PCs of an alerted public. As a result, is Spyware in fact overrated? It certainly sells more Anti-Spyware software when you tell people only about the negative effects of it and ignore the data on the likelihood of them even encountering a threat serious enough to inflict permanent harm.

Another interesting note from my experience is that a large portion of the public actually knows that their PCs are infected with malicious software; and they avoid doing anything about it because they know how it got there (and they would prefer to keep that private.) In those cases the culprit is usually pornographic websites, online casinos, or clicking on advertisements people know are unsafe, just to find a better deal. So can anyone really blame the Spyware without looking in the mirror? I'm certain that plenty of people can, but then again it leaves a huge number of persons "crying wolf." (Personally, I have had 1 virus in my lifetime, and never has Spyware completely taken over my PC. I use several malicious software removal programs regularly and they almost always find nothing. That's because of safe web surfing. Is it that simple?)

So what do we do about it?

My conclusion? It's hard to "judge a book by its cover." There is no way to know which claims of Spyware anguish are legitimate and which are not. I do believe that if you are infected with Spyware though that it can be truly threatening to your genuine activities on your PC. I also believe although that people aren't likely to give up there "leisure activities" in exchange for a clean PC if that is what it would take. For those of us who do want to keep security in check, however, there are some simple tips you can follow to help keep Spyware to a minimum. Perhaps with a little vigilance, the Spyware war can be won one home at a time.

Avoid non-reputable websites. This includes anything that appears to be "too good to be true," anything that bears a company name that nobody has ever heard of and that you cannot find any information on anywhere except their own website, distasteful websites (you get the idea), links from advertisements, and search engine results that aren't clear or that have obscure or even clearly provocative headings.

Don't accept security agreements without reading them. Never click yes on something you aren't completely "in the know" about. Read the screens before you click to install software, and if possible un-check the options to install third-party applications irrelevant to your usage of the software you are installing, like toolbars.

Check the URL/Address you are at. Look up at the address bar. If you meant to type www.mywebsite.com you may have typed www.miwebssite.com by accident. What came up as a result may look legit or even say www.mywebsite.com right on it, but you may actually have arrived at a scam looking to steal your log-in information to the real www.mywebsite.com. Also, a legitimate company's addresses will typically always start with their original address. Pictures from www.1234.com will likely be at www.1234.com/pictures with www.1234.com always appearing at the beginning of the address, not afterward. www.redirect.1234.com or www.redirect/1234com are not www.1234.com. This rule is not absolute though. Microsoft support, for example, is at "support.microsoft.com." So how can you legitimize links like that? You can by going to "www.microsoft.com" first and then clicking on support links. You will then know that any redirections to "xyz.microsoft.com" are likely legitimate.

Install some sort of Anti-Spyware software. There are a dozen free ones out there like Ad-Aware from Lavasoft, and if you choose there are some cheap ones you can buy from the reputable retailers. Run a scan once a month or more often and delete the unwanted programs before they cause problems. These tools also delete Malware, Adware, etc. If you are concerned about one of these programs not finding everything due to differences in classification, just install and use more than one.

Install an Internet Security Suite. There are many of these too such as Symantec's Norton Internet Security. These "suites" contain both Anti-Virus as well as firewall protection. The Anti-Virus will keep viruses at bay and the firewall keeps unauthorized entrants from getting into your PC over the Internet. Whichever one you purchase, just make sure it says that it contains both the Firewall and the Anti-Virus.