Since the dawn of the internet, users have had to deal with all manner of security risks on their computers — email viruses, worms and all those other pains in the ass. These continue to proliferate and do enormous damage. However, there is now another threat to your computer’s security, a new form of software that exists only to spy on you, steal information and show you ads. We call it spyware.
This page was last updated on 2012-08-21
What is Spyware?
Though the term “spyware” has captured the public consciousness and become synonymous with all sorts of malignant software, spyware is actually a subset of a more general grouping of pestilential software known as malware. Malware encompasses all that software you don’t want on your system.
Some forms of malware are merely annoying, such as adware. Adware are programs that run in the background without your knowledge. They may pop up random ads onto your desktop with no prompting, or may spy on your browsing habits and send you targeted ads based on the sites you visit.
Your browser can be hijacked by a piece of adware, which will redirect normal webpage links towards sites controlled by the adware author and generally mess you around. The first sign that this has happened is your homepage being replaced with an ad and your browser not responding to any attempts you make to change it back.
Other malware is just plain dangerous. This is where true spyware comes in — there exist spyware programs that read the keystrokes of credit card numbers you enter into webpage forms and send them back to the programmer. You could also fall prey to programs that monitor what websites you visit and send this data back to marketers who will be able to build up a full picture of you and your interests without your permission.
Where Does Spyware Come From?
In most cases the owner of a computer won’t even be aware that their computer is infested with spyware. It’s not uncommon to begin to clean a system of spyware and find a dozen or so programs merrily executing code and collecting data.
The software can come from a number of places. Most commonly, it “piggy-backs” onto your system along with another program which you did want to install. A popular freeware program will be offered to download, but when you install it a number of other programs are installed too (that’s how the programmers of the original software can afford to give it away for free).
The most notorious example of this practice is the file-sharing application » Kazaa, which came with so many adware programs that another group of programmers began to hack it and post their own version of the software, called KazaaLite, which was free of adware. This only lasted a few months before they were shut down.
Be wary of any commercial freeware, many have taken to adding adware to the install package.
The second most common method of getting adware onto your system is to sneak it past you by popping up an offer on a webpage and asking you if you’re interested.
The text in this confirmation dialog can say literally anything, but if you answer yes you have given the webpage author free reign to install almost anything they want into your browser. This is how most browser hijacks occur. Usually you’ll end up with a corrupted homepage, a half dozen new unwanted bookmarks and a toolbar which purports to have many useful features like form auto-completion but is really monitoring your browsing habits.
This all probably sounds a little scary. Your computer could have spyware installed and running right now and you wouldn’t know about it. Thankfully, there are some excellent programs available to combat the rising tide of spyware.
First download both of these programs (don’t worry — they’re safe!):
Now run them both twice. The first eradication might uncover some spyware that was being suppressed by another program.
Keep your spyware definitions up to date and scan your system again at least once a month to make sure you don’t pick up any more spyware by accident. Then follow the tips below to make your browsing more secure, so that spyware will find it a lot more difficult to get onto your system.
Spyware and its ilk, like viruses, are symptomatic of the generally lax security measures built into most software. While it has become juvenile to constantly berate Microsoft for its past policies on software integrity, in this case the criticism is right on the money: the Microsoft software that comes with most new PCs is, by and large, very insecure.
Microsoft released Service Pack 2 for Windows XP in August 2004. This was their first major step towards making the operating system secure. Windows XP users are strongly advised to download and install it. It also carried improvements to Internet Explorer to prevent popups and unwanted software installation. However, there are better alternatives.
Your web browser is the most important one to get right, since it is the program with which you interact with the web at large with for most of the time. It should go without saying that Internet Explorer 6 is not an option. Its widespread use has made it an obvious target for exploitation by hackers for years. There have been a number of superior browsers released in those intervening years.
So, your best option is » Mozilla’s Firefox. Firstly, it was designed from scratch to be secure; but more importantly it is also still in constant development, which means that if a security hole is found, it’s patched and updated in no time at all. It’s free, available for every platform and is configurable up the wazoo.
The fight for most secure email client is a harder game to call. I personally have found » Mozilla’s Thunderbird to be very good. Its » junk mail filtering feature will keep many of the virus-infected emails from ever reaching your inbox. The security of your mail client has a lot to do with the care you take when opening attachments.
Windows XP users with Service Pack 2 will have the Windows firewall installed and constantly running by default, which is a good thing. Others can get the excellent » ZoneAlarm.
Finally, one of the most important security issues you will encounter online is how to choose a good password. Our password tutorial has some good pointers on that.