Spyware writers are targeting holiday revelers with a variety of goodies, including Christmas screensavers, games, interactive greeting cards and widgets that create cute little customizable gift tags or turn the cursor into a Christmas tree. Despite their innocent appearance, many deliver a hidden payload that spies on the online activity on the unsuspecting user's computer.
Most of these are geared toward children, but adults can also get suckered into downloading these programs. That includes those doing personal work on unprotected laptops or home PCs connected to the corporate network. Both situations could put a company at risk.
"This is a new trend where the spyware companies are moving away from traditional methods of disseminating their software because users have become more aware of their tactics," said Rick Carlson, vice president of sales and marketing for Aluria Software Inc., an antispyware vendor that has published a list of some of the worst offenders. "So instead, the spyware vendors are going after specific events and more vulnerable users."
Another emerging tactic is to embed spyware in pirated movies or evaluation software that has been tinkered with to work beyond the expiration date, according to Lake Mary, Fla.-based Aluria Software LLC, which is owned by ISP Earthlink Inc.
For instance, Aluria warns, marketing firm Integrated Search Technologies embeds its browser plugins ISTBar and YoursiteBar into downloads that look like movies, songs or software. Such a download may or may not include the actual files requested.
Spyware vendors are also targeting teens with game cheats, song lyrics and MP3 files containing spyware. In fact, peer-to-peer sites are awash with unsafe software -- a situation not only bothersome to users, but also to legitimate video and game-software providers such as AtomFilms.com that also suffer economically.
"There's no credible certification program available where we can be certified as a site that does not distribute malware," said Scott Roesch, vice president and general manager of AtomFilms, a subsidiary of San Francisco-based AtomShockwave Inc. "It's a real nuisance because people might visit our site and then visit a site where they pick up the spyware, and then they blame us."
While much of the spyware is little more than a nuisance to users, so-called researchware vendors such as Reston, Va.-based ComScore Networks Inc. are increasingly rerouting electronic commerce purchases through their servers so that they can collect data, including the amount of money spent on specific sites. Such "researchware," while not illegal, often operates without the user's full knowledge because of confusing EULAs.
"We're noticing a division between the two different types of spyware vendors," said Joe Telafici, director of operation with Santa Clara, Calif.-based McAfee Inc.'s AVERT Research Center. "On the one hand, companies like Claria are making positive moves to clean up their act, and on the other there's a growing number of vendors who are moving toward organized crime."
That is why this area of e-commerce has drawn more attention from the U.S. Secret Service, the agency responsible for both the protection of the President and the protection of U.S. currency. It is taking the lead by trying to stem the tide of credit card fraud and identity theft, fearing that it could devalue the nation's currency. The agency recommends that users install firewall, virus- and spyware-protection software, and update other software regularly.
Lorie Lewis, a member of the Secret Service Public Affairs office, said it's never wise to download items from unknown sources.
"You could be downloading a keylogger, Trojan or backdoor without knowing it," Lewis said.