What is Spyware??

Image result for spyware


When you go online, don't assume that your privacy is secure. Prying eyes often follow your activity-and your personal information-with a pervasive form of malicious software called spyware. In fact, it's one of the oldest and most widespread threats on the Internet, secretly infecting your computer without permission in order to initiate a variety of illegal activities.



What is Spyware?

Spyware is software that is installed on a computing device without the end user's knowledge. Such software is controversial because even though it is sometimes installed for relatively innocuous reasons, it can violate the end user's privacy and has the potential to be abused. Spyware that is installed for innocuous reasons is sometimes referred to as tracking software. In the workplace, such software may be installed on corporate laptops to monitor employees' browsing activities. In the home, parents might install a keystroke logger to monitor their children's activity on the internet. Or an advertiser might use cookies to track what webpages a user visits in order to target advertising in a contextual marketing campaign. If the end user is told that data is being collected and has the ability to learn with whom the data is being shared, such data collection programs are not considered spyware.

Types of spyware

In most of the cases, the functionality of any spyware threat depends on the intentions of its authors. For example, some typical functions designed into spyware include the following:

1. Password stealers are applications designed to harvest passwords from infected computers. The types of collected passwords may include stored credentials from web browsers, system login credentials, and sundry critical passwords. These passwords may be kept in a location of the attackers’ choosing on the infected machine, or may be transmitted to a remote server for retrieval.

2. Banking Trojans are applications designed to harvest credentials from financial institutions. They take advantage of vulnerabilities in browser security to modify web pages, modify transaction content, or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application. Banking Trojans may target a variety of financial institutions, including banks, brokerages, online financial portals, or digital wallets. They might also transmit collected information to remote servers for retrieval.

3. Infostealers are applications that scan infected computers and seek out a variety of information, including usernames, passwords, email addresses, browser history, log files, system information, documents, spreadsheets, or other media files. Like banking Trojans, Infostealers may exploit browser security vulnerabilities to collect personal information in online services and forums, then transmit the information to a remote server or store it on your PC locally for retrieval.

4. Keyloggers, also referred to as system monitors, are applications designed to capture computer activity, including keystrokes, websites visited, search history, email discussions, chatroom dialogue, and system credentials. They typically collect screenshots of the current window at scheduled intervals. Keyloggers may also collect functionality, allowing for stealthy capture and transmission of images and audio/video from any connected devices. They might even allow attackers to collect documents that are printed on connected printers, which can then be transmitted to a remote server, or stored locally for retrieval.

How do we get spyware?

Spyware can infect your system in the same ways that any other malware does, by means of a Trojan, a virus, worm, exploit, and other types of malware. Here are a few of spyware’s main techniques to infect your PC or mobile device:

  1. Security vulnerabilities. Here’s a top-of-the-list no-no: clicking on an unfamiliar link or attachment in an email, which either runs an executable attachment or links to a website program that downloads and runs (“executes”) a program. Even worse, it’s even possible that just visiting a malicious website and viewing a page and/or banner ad will result in a drive-by download. Or clicking some option in a deceptive pop-up window can trigger an infection. Even trading software or documents with friends may result in the stealthy delivery of a spyware program hidden within. That includes executable programs, music files, and documents. All it takes is one bad click.
  2. Misleading marketing. Spyware authors love to present their spyware programs as useful tools to download. It might be an Internet accelerator, new download manager, hard disk drive cleaner, or an alternative web search service. Beware this kind of “bait,” because installing it can result in inadvertent spyware infection. And even if you eventually uninstall the “useful” tool that initially introduced the infection, the spyware remains behind and continues to function.
  3. Software bundles. Who doesn’t love free software (freeware)? Except when it’s a host program that conceals a malicious add-on, extension, or plugin. They may look like necessary components, but they are nonetheless spyware, which, again, remains even if you uninstall the host application.
  4. Misc. Trojans, worms, and backdoors often distribute spyware in addition to their primary malicious intent.
  5. Mobile device spyware. Mobile spyware has been around since mobile devices became mainstream. Since mobile devices are small and users can’t see activity, these behaviors can run behind the scenes. Both Mac and Android devices become infected when you install an app with malicious code. These apps include legitimate apps recompiled with malcode, straight up malicious apps with a fake name, and apps with fake download links. Apps can also be secretly installed onto devices by abusers who want to stalk unsuspecting victims.

What do we do if we get infected?

If your spyware infection is working as designed, it will be invisible unless you’re technically savvy enough to know exactly where to look. You could be infected and never know. But if you suspect spyware, the first order of business is to make sure your system has been cleaned of any infection so that new passwords are not compromised. Get yourself a robust cybersecurity program with a reputation for aggressive spyware removal technology. Aggressive spyware removal thoroughly cleans up spyware artifacts and repairs altered files/settings.

After you have cleaned your system, think about contacting your financial institutions to warn of potential fraudulent activity. Depending on the compromised information on your infected machine, and especially if it is connected to a business or enterprise, you may be required by law to report breaches to law enforcement and/or make a public disclosure. If information is sensitive in nature, or involving the collection and transmission of images, audio, and/or video, you should contact local law-enforcement authorities to report potential violations of federal and state laws.

How do I protect myself from spyware?

The best defense against spyware, as with most malware, starts with your behavior. Follow these basics of good cyber self-defense:

  • Don’t open emails from unknown senders.
  • Don’t download files unless they come from a trusted source.
  • Mouse-over links before clicking on them and make sure you’re being sent to the right webpage.

Popular posts

Sistem informasi global dan penerapannya oleh perusahaan multinasional

Apa itu budaya global?

Sistem pendukung keputusan kelompok (GDSS)