Bugged by Spyware?
by Frank Coggrave - UK Regional Director, Websense - Thursday, 30 October 2003.
Spyware can cost you serious money, too. In the US recently, an investment broker lost $40,000 after installing what he thought was a market analysis program but which turned out to be a transmitting his account login details to hackers.

Spyware is already a big problem around the world. In Europe, 1 in 3 companies has detected spyware on its network. And the typical spyware program is prolific, typically transmitting 300 items of personal information, totalling some 1 MB of data, from each infected machine every day.

So which software includes spyware? Among the most prolific offenders are the file sharing and swapping sites such as Kazaa, which are used by millions of Internet users to exchange files such as music and videos. The Kazaa software also includes a number of spyware programs which monitor your use of the system and help the company present you with targeted advertising in order to finance the free service.

At present, the legal situation regarding installing spyware without the computer user's permission is a grey area. There is, though, a move afoot in the US to force software authors to declare up-front if installing their program will also install spyware. Many programs do already do this, but the details are buried in the small print of a long, complicated online licence agreement that most people agree to with a single click and without bothering to read.

If you're worried about spyware on your PCs, here are our top tips for dealing with the problem.

1. Software authors often go to considerable lengths to hide the fact that their products include spyware, so it may not be immediately obvious whether there's any on your PC. Check the small print of the licence agreement before installing any freeware or shareware.

2. Get into the habit of uninstalling any software that you don't regularly use.

3. Some of the most common spyware applications include Gator (also known as GAIN), BonziBUDDY and Comet Cursor, each of which is included with many freeware and shareware products. If these products are mentioned within any of the programs you use, your computer is probably infected with at least one spyware tool.

4. Spyware programs aren't viruses, so installing antivirus software doesn't fully protect you from spyware.

5. Many spyware programs communicate through the same Internet port (80) as general Web traffic, thus making it very difficult to block data transmission using a firewall.

6. Check out the privacy policy on the web sites of the software you use, to find out what they use the collected information for.

7. If you are responsible for IT in a corporate environment, seriously consider the use of products such as Websense Enterprise which automatically prevents users from downloading and installing programs which contain spyware. It will also ensure that any spyware application already installed on the user's PC is unable to run, and thus stops it from transmitting confidential information.

Websense Inc. (NASDAQ: WBSN) is the world's leading provider of employee Internet management solutions. Websense Enterprise software enables organisations to manage how employees use their computing resources, including Internet access, desktop applications and network bandwidth. These solutions help improve productivity and security, conserve information technology resources, and mitigate legal liability for our customers. Websense serves approximately 20,000 customers worldwide, including many of the world's largest corporations. For more information, visit Websense Enterprise.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Feb 9th