Words to know: Spyware

A glossary of spyware terminology.

Further develop your understanding of spyware by reviewing these terms and how they relate to each other.

ActiveX -- a Web technology that enables the creation of portable modules and makes it possible for a browser to interact with desktop applications. Spyware is frequently downloaded through an ActiveX plug-in (see also JavaScript).

Adware - Any program that serves advertising while it runs. Many adware applications also track user information.

Anonymizer -- A privacy service that allows a user to visit Web sites without allowing anyone to gather information about them.

Back door -- A means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes, but an attacker may exploit or use a back door to get unauthorized access to information or install spyware.

Bluesnarfing -- Theft of information from a wireless device using Bluetooth transmission. By exploiting a vulnerability in the way Bluetooth is implemented, an attacker can access information -- such as the user's calendar, contact list and e-mail and text messages -- without leaving any evidence of the attack.

Bot -- A program that operates as an agent for a user or another program or simulates a human activity. Surfbots, used to facilitate Internet use, often include spyware. Spyware programs are sometimes known as spybots.

Browser hijacker - A type of malware program that alters your computer's browser settings so that you are redirected to Web sites that you had no intention of visiting. Often works in conjunction with spyware.

Bundling -- The practice of including multiple products in a package deal. Frequently, spyware is bundled with freeware or shareware products.

Cache poisoning -- The corruption of an Internet server's domain name system table by replacing an Internet address with that of another, rogue address. When a Web user seeks the page with that address, the request is redirected by the rogue entry in the table to a different address. At that point, a worm, spyware, Web browser hijacking program, or other malware can be downloaded to the user's computer from the rogue location. Cache poisoning is also called domain name system (DNS) poisoning or DNS cache poisoning.

Cookie - Information about you that a Web site stores on your computer so it can access that information for future reference.

Cookie poisoning -- The modification of a cookie by an attacker to gain unauthorized information about the user for purposes such as identity theft.

Data integrity -- The assurance that information can only be accessed or modified by those authorized to do so.

Digital signature -- An electronic means of authenticating someone's identity or ensuring that exchanged data has not been altered by unauthorized parties.

Drive-by download -- A download that occurs without user knowledge or consent. Can occur as the result of visiting a specific Web site or by clicking a deceptive button on a pop-up window.

Evil twin -- A home-made wireless access point (hot spot) that masquerades as a legitimate one to gather personal or corporate information without the end-user's knowledge.

Encryption -- The conversion of data into ciphertext so that it cannot be understood by unauthorized parties.

Firewall -- A set of programs that work in conjunction to protect a network or computer from external threats. Depending on configuration, provides some protection from worms and viruses, but is not typically as effective against spyware.

Freeware -- Software offered for free download. Sometimes includes adware and/or spyware as a means of offsetting costs or gaining revenue.

Kazaa -- A popular peer-to-peer file-sharing program that was widely reported to include spyware, especially in its earlier incarnations.

JavaScript -- An interpreted programming or script language that is used for Web development. JavaScript can be embedded in HTML pages and, like ActiveX controls, can be used to launch spyware programs from Web pages.

Keystroke logger (also known as keylogger, key logger) -- A small hardware device or program that records each keystroke typed on a particular keyboard for report back to an interested party, such as a marketer or an employer. Also used by unscrupulous individuals to gain access to information for identity theft and other illicit purposes.

Identity theft -- Illicit impersonation of a victim by accessing personal information, often used to obtain credit, merchandise and services in the name of the victim, or to provide the thief with false credentials. Spyware is sometimes used to gather such information.

Malware -- Short for "malicious software", includes spyware, viruses, worms and Trojan horses. Spyware is generally used for marketing purposes and, as such, not really malicious although it is generally unwanted. However, spyware can also be used to gather information for identity theft or other clearly illicit purposes.

Personalization -- Using information gathered about individual visitors to create customized pages for them and enhance customer service or e-commerce sales

Phishing -- A method of tricking people into giving up their personal information. Sometimes associated with spyware; for example, perpetrators may get victims to click on a link that takes them to a Web site where they are subject to a drive-by download.

Pop-up download -- A download initiated through a pop-up window, often engineered to trick the user into agreeing to a download, which may contain spyware.

Potentially unwanted program (PUP) -- A program that may be unwanted, such as adware or spyware, despite the possibility that users consented to download it.

Privacy -- Online, this is the assurance that your personal information will not be accessed without your permission or distributed to third parties.

Pseudonymous profile -- A collection of information about a particular computer user that identifies the user either by their computer's IP address or by a randomly-generated nickname. Often used for personalization or marketing purposes.

Rootkit -- A set of programs used to hack into a system and gain administrative-level access. May also monitor traffic and keystrokes; create a "backdoor" into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to circumvent detection.

Shareware -- Software that is distributed free on a trial basis with the understanding that the user may need or want to pay for it later. As with freeware, this sometimes contains adware or spyware as a means of offsetting costs or creating revenue.

Spam -- Unsolicited bulk e-mail. Recipients who click links in spam messages may put themselves at risk for spyware, viruses and other malware.

Spyware -- Any technology that aids in gathering information about a person or organization without their knowledge. On the Internet (where it is sometimes called a spybot or tracking software), spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties.

Transient cookie -- A small file that stores user information temporarily and disappears when the browser is closed. Because user information is not stored on the hard drive, it cannot be accessed when the session is finished.

Trojan horse -- A program in which malicious code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk or tracking and reporting user information.

URL poisoning -- A method of tracking Web user behavior by adding an ID number to the URL line in a Web browser when a user visits a particular site. This ID number can then be used to determine which pages on the site the user visits thereafter.

Virus -- A program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can perform an almost endless number of activities on the host computer and sometimes install spyware.

War driving -- The act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere. Because a wireless LAN may have a range that extends beyond an office building, an outside user may be able to intrude into the network, obtain a free Internet connection, and possibly gain access to company records and other resources.


This was first published in May 2005

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close