| Spyware is a general term used to describe | | | | or word processors, install other SpyWare |
| software that performs certain behaviors such as | | | | programs, read cookies, change the default home |
| advertising, collecting personal information, or | | | | page on the Web browser, consistently relaying |
| changing the configuration of your computer, | | | | this information back to the SpyWare author who |
| generally without appropriately obtaining your | | | | will either use it for advertising/marketing |
| consent first. | | | | purposes or sell the information to another party. |
| Spyware is often associated with software that | | | | Licensing agreements that accompany software |
| displays advertisements (called adware) or | | | | downloads sometimes warn the user that a |
| software that tracks personal or sensitive | | | | SpyWare program will be installed along with the |
| information. | | | | requested software, but the licensing agreements |
| That does not mean all software that provides | | | | may not always be read completely because the |
| ads or tracks your online activities is bad. For | | | | notice of a SpyWare installation is often couched |
| example, you might sign up for a free music | | | | in obtuse, hard-to-read legal disclaimers. |
| service, but you "pay" for the service by agreeing | | | | Examples of SpyWare |
| to receive targeted ads. If you understand the | | | | These common SpyWare programs illustrate the |
| terms and agree to them, you may have decided | | | | diversity of behaviors found in these attacks. |
| that it is a fair tradeoff. You might also agree to | | | | Note that as with computer viruses, researchers |
| let the company track your online activities to | | | | give names to SpyWare programs which may |
| determine which ads to show you. | | | | not be used by their creators. Programs may be |
| Other kinds of Spyware make changes to your | | | | grouped into "families" based not on shared |
| computer that can be annoying and can cause | | | | program code, but on common behaviors, or by |
| your computer slow down or crash. | | | | "following the money" of apparent financial or |
| These programs can change your Web browsers | | | | business connections. For instance, a number of |
| home page or search page, or add additional | | | | the SpyWare programs distributed by Claria are |
| components to your browser you don't need or | | | | collectively known as "Gator". Likewise, programs |
| want. These programs also make it very difficult | | | | which are frequently installed together may be |
| for you to change your settings back to the way | | | | described as parts of the same SpyWare |
| you originally had them. | | | | package, even if they function separately.o |
| The key in all cases is whether or not you (or | | | | CoolWebSearch, a group of programs, takes |
| someone who uses your computer) understand | | | | advantage of Internet Explorer vulnerabilities. The |
| what the software will do and have agreed to | | | | package directs traffic to advertisements on Web |
| install the software on your computer. | | | | sites including It displays pop-up ads, rewrites |
| There are a number of ways Spyware or other | | | | search engine results, and alters the infected |
| unwanted software can get on your computer. A | | | | computer's hosts file to direct DNS lookups to |
| common trick is to covertly install the software | | | | these sites.o Internet Optimizer, also known as |
| during the installation of other software you want | | | | DyFuCa, redirects Internet Explorer error pages |
| such as a music or video file sharing program. | | | | to advertising. When users follow a broken link or |
| Any software that covertly gathers user | | | | enter an erroneous URL, they see a page of |
| information through the user's Internet connection | | | | advertisements. However, because |
| without his or her knowledge, usually for | | | | password-protected Web sites (HTTP Basic |
| advertising purposes. Spyware applications are | | | | authentication) use the same mechanism as HTTP |
| typically bundled as a hidden component of | | | | errors, Internet Optimizer makes it impossible for |
| freeware or shareware programs that can be | | | | the user to access password-protected sites.o |
| downloaded from the Internet; however, it should | | | | Zango (formerly 180 Solutions) transmits detailed |
| be noted that the majority of shareware and | | | | information to advertisers about the Web sites |
| freeware applications do not come with SpyWare. | | | | which users visit. It also alters HTTP requests for |
| Once installed, the Spyware monitors user activity | | | | affiliate advertisements linked from a Web site, |
| on the Internet and transmits that information in | | | | so that the advertisements make unearned profit |
| the background to someone else. Spyware can | | | | for the 180 Solutions Company. It opens pop-up |
| also gather information about e-mail addresses | | | | ads that cover over the Web sites of competing |
| and even passwords and credit card numbers | | | | companies.o HuntBar, aka WinTools or |
| Aside from the questions of ethics and privacy, | | | | Adware,WebSearch was installed by an ActiveX |
| SpyWare steals from the user by using the | | | | drive-by download at affiliate Web sites, or by |
| computer's memory resources and also by eating | | | | advertisements displayed by other SpyWare |
| bandwidth as it sends information back to the spy | | | | programs-an example of how SpyWare can install |
| ware's home base via the user's Internet | | | | more SpyWare. These programs add toolbars to |
| connection. Because SpyWare is using memory | | | | IE, track aggregate browsing behavior, redirect |
| and system resources, the applications running in | | | | affiliate references, and display |
| the background can lead to system crashes or | | | | advertisements.oZlob Trojan or just Zlob, |
| general system instability. | | | | Downloads itself to your computer via ActiveX |
| Because SpyWare exists as independent | | | | codec and reports information back to Control |
| executable programs, they have the ability to | | | | Server. Some information can be as your search |
| monitor keystrokes, scan files on the hard drive, | | | | history, the Websites you visited, and even Key |
| snoop other applications, such as chat programs | | | | Strokes. |