E-greetings, screensavers bring more tears than cheers

Vendors that track spyware are noticing more of it stuffed into holiday greeting cards, screensavers and customized gift tags for virtual Christmas trees. Learn how to avoid these and other download traps.

Spyware writers are targeting holiday revelers with a variety of goodies, including Christmas screensavers, games, interactive greeting cards and widgets that create cute little customizable gift tags or turn the curser into a Christmas tree. Despite their innocent appearance, many deliver a hidden payload to spy on the unsuspecting user's computer online activity.

Most of these are geared toward children, but adults can also get suckered into downloading these programs. That includes those doing personal work on unprotected laptops or home PCs connected to the corporate network. Both situations could put a company at risk.

"This is a new trend where the spyware companies are moving away from traditional methods of disseminating their software because users are have become more aware of their tactics," said Rick Carlson, vice president of sales and marketing for Aluria Software Inc., an antispyware vendor that has published a list of some of the worst offenders. "So instead, the spyware vendors are going after specific events and more vulnerable users."

Kids, don't try these at home (or work)

Aluria Software has create a list of dangerous downloads you should avoid -- the equivalent of coal in the stockings. Most produce a proliferation of pop-ups.

Here's a sampling, all of which need a click to install:

101kidz.com/holidays/Christmas



syvum.com/fun/Christmas



lil-fingers.com/holidays/Christmas



wacona.com/Christmas/christmask/html



ecards4free.com/kids_christmas.htm



kidsjokes.co.uk/jokes/other/Christmas.html

Advertises various Christmas novelty items, including greeting cards, music and lyrics. Really installs rogue spyware apps, misleading system error pop-ups, heavy pop-ups and other attention-grabbers Offers Christmas games to download. GAIN and Starware pop-ups appear. Another offering a variety of Christmas novelty items. Rogue spyware app banners appear. Uses kids' Christmas games as an enticement. GAIN Screen Scenes pop-ups emerge. As its URL suggests, this one features Christmas greeting cards to send to family and friends. CoolSavings adware banners appear. Download these holiday greeting cards, and the joke's on you. Screensavers.com banner ads appear.
Sites such as killerfreebies.com/holiday_christmas.html and 101kidz.com/holidays/christmas/ offer a variety of goodies to children and often upload and execute code on the user's machine without providing a end-user license agreement (eula).

Another emerging tactic is to embed spyware in pirated movies or evaluation software that has been tinkered with to work beyond the expiration date, according to Lake Mary, Fla.-based Aluria Software LLC, which is owned by ISP Earthlink Inc.

For instance, Aluria warns, marketing firm Integrated Search Technologies embeds its browser plugins ISTBar and YoursiteBar into downloads that look like movies, songs or software. Such a download may or may not include the actual files requested.

Spyware vendors are also targeting teens with game cheats, song lyrics and MP3 files containing spyware. In fact, peer-to-peer sites are awash with unsafe software -- a situation not only bothersome to users, but also to legitimate video and game-software providers such as AtomFilms.com that also suffer economically.

"There's no credible certification program available where we can be certified as a site that does not distribute malware," said Scott Roesch, vice president and general manager of AtomFilms, a subsidiary of San Francisco-based AtomShockwave Inc. "It's a real nuisance because people might visit our site and then visit a site where they pick up the spyware, and then they blame us."

While much of the spyware is little more than a nuisance to users, increasingly so-called research-ware vendors such as Reston, Va.-based ComScore Networks Inc. are rerouting electronic commerce purchases through their servers so that they can collect data, including the amount of money spent on specific sites. Such "researchware," while not illegal, often operates without the user's full knowledge because of confusing eulas.

"We're noticing a division between the two different types of spyware vendors," said Joe Telafici, director of operation with Santa Clara, Calif.-based McAfee Inc.'s AVERT Research Center. "On the one hand, companies like Claria are making positive moves to clean up their act, and on the other there's a growing number of vendors who are moving toward organized crime."

That is why this area of e-commerce has drawn more attention from the U.S. Secret Service, the agency responsible for both the protection of the President and the protection of U.S. currency. It is taking the lead by trying to stem the tide of credit card fraud and identity theft, fearing that it could devalue the nation's currency. The agency recommends that users install firewall, virus- and spyware-protection software, and update other software regularly.

Lorie Lewis, a member of the Secret Service Public Affairs office, said it's never wise to download items from unknown sources.

"You could be downloading a keylogger, Trojan or backdoor without knowing it," Lewis said.

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close