BACKGROUND IMAGE: iSTOCK/GETTY IMAGES

This content is part of the Essential Guide: Secure Web gateways, from evaluation to sealed deal
Definition

spyware

Contributor(s): Alex Gillis, Taina Teravainen

Spyware is software that is installed on a computing device without the end user's knowledge. Any software can be classified as spyware if it is downloaded without the user's authorization. Spyware is controversial because even when it is installed for relatively innocuous reasons, it can violate the end user's privacy and has the potential to be abused. 

Spyware can be difficult to detect; often, the first indication a user has that a computing device has been infected with spyware is a noticeable reduction in processor or network connection speeds and in the case of mobile devices -- data usage and battery life. Anti-spyware tools can be used to prevent or remove spyware. Anti-spyware tools can either provide real-time protection by scanning network data and blocking malicious data, or detect and remove spyware already on a system by executing scans.  

To prevent spyware, users should only download software from trusted sources, read all disclosures when installing software, avoid clicking on pop-up ads and stay current with updates and patches for browser , operating system and application software. To reduce the probability of infection, network administrators should practice the principle of least privilege (POLP) and require remote workers to access network resources over a virtual private network (VPN) that runs a security scan before granting access privileges. 

Types of spyware

Spyware is not just one type of program. It's an entire category of malicious software that includes adware, Trojans, keystroke loggers, and information stealing programs. 

Types of spyware

Adware - Malicious adware is often bundled in with free software, shareware programs and utilities downloaded from the internet, or surreptitiously installed onto a user's device when the user visits an infected website. Many internet users were first introduced to spyware in 1999 when a popular freeware game called "Elf Bowling" came bundled with tracking software. Adware is often flagged by antimalware programs as whether the program in question is malicious or not. 

Cookies that track and record users' personal information and internet browsing habits are one of the most common types of adware. An advertiser might use cookies to track what web pages a user visits in order to target advertising in a contextual marketing campaign. For example, an advertiser could track a user’s browser history and downloads with the intent to display pop-up or banner advertisements to lure the user to make a purchase. Because data collected by spyware is often sold to third parties, regulations such as GDPR (General Data Protection Regulation) have been enacted to protect the personally identifiable information (PII) of website visitors.

Keyboard loggersKeyloggers are a type of system monitor that are often used by cybercriminals to steal personally identifiable information (PII), login credentials and sensitive enterprise data. Keyloggers may also be used by employers to observe employees' computer activities, parents to supervise their children's internet usage, users to track possible unauthorized activity on their devices or law enforcement agencies to analyze incidents involving computer use.

Hardware keyloggers resemble a USB flash drive and serve as a physical connector between the computer keyboard and the computer, while software keylogging programs do not require physical access to the user's computer for installation. Software keyloggers can be downloaded on purpose by someone who wants to monitor activity on a particular computer, or they be downloaded unwittingly and executed as part of a rootkit or remote administration Trojan (RAT).

TrojansTrojans are typically malicious software programs that are disguised as legitimate programs. A victim of a Trojan could unknowingly install a file posing as an official program, allowing the Trojan to have access to the computer. The Trojan can then delete files, encrypt files for ransom or allow others to have access to the user’s information.

Mobile spyware - Mobile spyware is dangerous because it can be transferred through Short Message Service (SMS) or Multimedia Messaging Service (MMS) text messages and typically does not require user interaction to execute commands. When a smartphone or tablet gets infected with mobile spyware that was sideloaded with a third party app, the phone's camera and microphone can be used to spy on nearby activity, record phone calls, log browsing activity and keystrokes. The device owner's location can also be monitored  through GPS or the mobile computing device's accelerometer.

Anti-spyware tools

Malwarebytes is an anti-malware/spyware tool which can remove spyware from Windows, macOS, Android, and iOS. Malwarebytes can scan through registry files, running programs, hard drives, as well as individual files. Once a spyware program is detected, a user can quarantine and delete it. However, users can’t set up automatic scanning schedules.

spyware

Trend Micro HouseCall is another anti-spyware tool which doesn’t require user installation. Because it doesn’t require an installation, HouseCall uses minimal processor and memory resources, as well as disk space. Users cannot set automatic scans, however.

Windows Defender is an anti-malware Microsoft product included in Windows 10 operating system (OS) under Windows Defender Security Center. The software is a lightweight, anti-malware tool that protects against threats such as spyware, adware and viruses. Windows Defender includes multiple features such as Application Guard, Exploit Guard, Advanced Threat Protector and Analytics. Windows Defender users can set automatic “Quick” and “Full” scans, as well as set alerts for low, medium, high and severe priority items.

This was last updated in January 2019

Continue Reading About spyware

Join the conversation

3 comments

Send me notifications when other members comment.

Please create a username to comment.

Mostly used for the purposes such as; tracking and storing internet users' movements on the web; serving up pop-up ads to internet users that monitors a user's computing,can result in slow Internet connection speeds, un-authorized changes in browser settings, or changes to software settings
Cancel
What methods have been the most successful for spyware detection and mitigation in your organization?
Cancel
working with slow wifi connection because your wifi is setup in next room?
if yes then you can use mynetgear to extend your wifi range. it can support multiple syste, simultaneously with over 1200 mbps speed.
Cancel

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close