Author: Chris Lee, Senior Director of Information Technology
In general, Spyware is any software program that is put on your computer to secretly gather information about you and relay it to advertisers or other interested parties. This information can range from the harmless, e.g., what Web sites you visit, to the harmful, e.g., your credit card number, passwords, e-mail addresses, and other information.
More often than not, Spyware is installed at the same time as Adware--though they are technically two different concepts.
Technically, Spyware is not an illegal type of software per se, provided that the user fully understands what data is being collected and with whom it is being shared. Yeah, right. The problem is that most computer users have no idea what is happening behind-the-scenes on their computers.
The bottom line: there are certain types of data collection that a privacy-oriented person may object to sharing with companies or unknown individuals. While legitimate companies will often disclose the nature of information that is collected and transmitted in their DIFFICULT-TO-READ-ALL-UPPERCASE-WRITTEN "privacy" statement (a block of tiny legalese text drivel that few people can either find nor bother reading), there is almost no way for the average user to control what specific information is being sent---or what specific Spyware programs are lurking on their computers.
Spyware can infect your computer either as a software virus or, more commonly, as the result of installing a new program---with or without your knowledge.
Spyware can belong to one or more of the following categories:
Stand-alone programs that incorporate similar approaches have no links to ad serving networks and collect information from users. Included in this group is Alexa, Hotbar, Comet Cursor, the annoying Real Player (the flashing blue thing next to your system clock that never goes away), eWallet, CuteFTP, BonziBuddy.
Browser Help Objects (BHO's) were designed to load whenever Internet Explorer starts, share its memory and perform actions in any available window. BHO's can also detect events, create windows to display additional information on a viewed page, monitor messages, and other actions. There are many exploits of this technology which search all pages you view in IE and replace banner advertisements with other ads, monitor and report on your actions, etc.
Page Hijackers attempt to take control of the Web Browser's home page and reset it with one of the hijackers choosing. The infamous LOP.com is one of the worst offenders of this, and remains one of the most hated websites on the Internet today.
Page Hijackers are a low security threat, but obnoxious. Most Hijackers use stealth techniques, trick dialogue boxes, or Drive-By Downloads to perform their installation.
Scumware is a form of Spyware that changes, intercepts or redirects a Web page hyperlink. Scumware adds advertising links to web pages, for which the author does not get paid, and then redirects the payments from affiliate-fee schemes to the makers of the software.
Scumware represents little in the way of an actual security threat. This form of Spyware is simply annoying for Web users and infuriating for Webmasters who spend hours designing Web pages and their associated hyperlinks.
There are some Spyware programs that do far more than simply monitor what Web sites you visit, report what ads you click on, or screw up your Web browser. Some Spyware programs allow their owners to monitor all kinds of activity on your computer, ranging from keystroke capture, snapshots, email logging, chat logging and just about everything else that you do with your computer.
These tracking tools were originally designed for, and still used by, either parents or paranoid corporate bosses, but can be easily abused if they are installed on your computer without your knowledge.
These tracking tools in and of themselves are perfectly legal in most cases, but, similar to a perfectly legal handgun and 6 bullets, can easily be put to illegal use by a misguided individual or company.
Here are a few types of the worst of the worst:
A dialer is a type of software used by pornographic vendors. Once dialer software is downloaded their modem will secretly auto-dial another phone number and the user is billed. While dialers do not spy on users, they are a serious problem because they can cost people serious money.
Keyloggers are programs designed to monitor user activity. Because they are sold commercially, most anti-virus vendors do not detect them. They can be abused when included and installed by Spyware without the user's knowledge or consent. The collected information is then transferred back to 3rd parties.
Malware is a generic term for malicious software. Malware is software designed specifically to disrupt a computer system---with no other apparent purpose. A Trojan horse, Worm or a typical computer Virus is classified as Malware.
Cookies are tiny text files that are placed on your computer when you visit certain Web sites. They are very common and most sites use them in one form or another.
Cookies can, however, be used in conjunction with Adware/Spyware programs to assist in monitoring information pertaining to your Web browsing activity. They have of late been poorly used on major commerce sites---as those sites will refuse your visit period unless you have your 'cookies' enabled.
Compared to the Spyware/Adware mentioned elsewhere in this article, cookies are relatively harmless when used by most web sites.