Security Response

Getting infected with spyware

Created: 25 Sep 2006 07:00:00 GMT • Updated: 23 Jan 2014 18:56:38 GMT
Mimi Hoang

Unlike traditional worms or viruses, spyware usually does not spread itself from system to system. One of the easiest ways to distribute spyware is to go directly to users and gain their consent to download the application. A common way of doing this is through the use of “misleading applications.” On the extreme end, these are applications that can grossly exaggerate and raise alerts about critical errors on users’ systems that are not actually present. This deceives some users and scares them into purchasing the program for a substantial fee to fix errors that are nonexistent.

Another method used to distribute spyware is to entice the user by offering something desirable or useful for free. The user gets the free tool, but also gets the adware or spyware program that is bundled and downloaded with it.

On the flip side, there are ways of installing and downloading spyware without user consent, such as the simple act of browsing a Web site. These so-called “drive-by downloads” leverage browser exploits on vulnerable systems in order to download spyware or adware programs. More recently, these spyware/security risk programs can end up on your system through zero-day exploits. Here’s the latest one: http://www.symantec.com/enterprise/security_response/weblog/2006/09/trojanvimalov_a_zeroday_exploi.html

The bottom line: stay away from Web sites that you don’t know and don’t click on popup ads or links that are delivered through email or instant messaging clients. Make sure all computers have the latest patches installed. Even when using extreme caution, it is clear that security risk programs like spyware and adware can still be downloaded onto a machine without a user’s knowledge; so, above all, make sure you are using security programs that are supplied by a trusted security vendor.