Feb 21, 2008

What is Spyware?

What is it?

Spyware is a very active and dangerous threat to any computer connected to the internet where users browse the web. If new toolbars or multiple popup ads and banners suddenly appear while you are browsing the web, you most likely have some kind of Spyware or Adware. However, even if you don't see this type of behavior you may still be infected. These applications can remain silent in the background collecting information about where you go and what you do on the internet. Then it uploads this information to home servers while your machine is idle. Sometimes this activity takes place while you are trying to use the machine. This can make your internet connection or any type of activity on your machine very slow and almost unresponsive.

What can I do about it?

There are several applications that will clean and remove most Spyware. However, some of the more advanced products require many steps and possibly rebooting your machine several times.

Since most of these nasty applications simply open the door to other nasty applications you rarely have just one. For this reason you need to make sure you remove every part of every application or your machine will simply become re-infected in a matter of seconds. This is why more than one application is recommended when trying to secure against or recover from Spyware infections.

It is important to note that many Spyware applications will disguise themselves as a Spyware removal tool. Make sure to "Google" any application before installing. Most likely, someone has experienced that application before and this will give you a hint on its reputation.

To defend against Spyware I recommend the following steps.
  • Use Firefox for all browsing unless you are at a KNOWN TRUSTED SITE that requires IE.
  • Install some or all of the applications below.
  • Browse wisely.
    • Never click a link in an email. If you must open a link from email, copy then paste it into your browser.
    • NEVER click any link or button from a popup window. Popups will appear as a new browser window. Unless you intentionally started that application, do not click on any links or buttons. If in doubt don't click anything, do an "alt-F4" to close the window.
    • Keep your eye on the address bar. Make sure you haven't wandered onto an un-trusted or shady site. People browse the web so quickly anymore it is easy to follow links onto a site that should not be trusted. Most reputable sites will not try to hide the site name. If you think you are at USBank.com it should say that in the address bar, not just an IP address.
  • Keep Windows up to date.
  • If you are really paranoid you can use the Noscript plugin for Firefox.
  • Browse the Internet from behind a Firewall that blocks attacks on certain ports. Make sure this Firewall is checked and updated regularly.
Safe Anti-Spyware Applications
  • Spybot-S&D: A freeware program maintained and updated with new spyware information regularly. A great tool to remove Spyware from your PC, also be sure to click on the "Search for Updates" button and then if any new updates are displayed, make sure they are checked and then click "download updates". Additionally after you have updated click the immunization button to prevent many common Spyware instances on your PC in the future.
  • Ad-Aware: Another freeware program for searching and removing Spyware. The interface is more user friendly, however the freeware version does not contain any sort of preventative measures against future Spyware infections.
  • Webroot's Spy Sweeper is an excellent product with a full-featured demo that is free to download. The free demo allows you to update your Spyware definitions once. Ongoing protection and definition updates are fee-based.
  • SpywareBlaster: SpywareBlaster does not clean spyware and Adware from your system, but it can help prevent it. SpywareBlaster does not run in the background, so your system won't take a performance hit if you decide to install it. This program is freeware, however the automatic update feature is fee-based.
  • Google Toolbar: Among its other features, the Google Toolbar includes a popup blocking feature. The Google Toolbar is freeware.
  • House Call: Not really a download, but an online virus scanner that can bypass problems in Windows that allow certain viruses to prevent themselves from being deleted from your system. Unfortunately it requires ActiveX, an insecure Internet Explorer to run (there is a Netscape only version, but it seems to be very buggy). The advantages outweigh this small problem, however.
  • Microsoft's Antispyware: Microsoft's Anti-Spyware solution, which is based on the award-winning Giant AntiSpyware Suite. This product is still in Beta, but it is effective at cleaning certain types of threats (Spyware Agents, for example) that other virus/spyware scanners can't detect/clean.