It is normal to see pop-up ads while surfing the net, right? What a lot of people don’t realize is that those ads could have made their way onto their computers through spyware. By the time that you figure out what is behind the ads, the spyware pop-ups may have gotten so bad that your only choice is to completely reconfigure your computer and just hope that the pop-ups don’t come back. And, if your only mechanism to fight against the spyware is hope, the pop-up ads will return.

What is Spyware Exactly?

Spyware is a type of software which gets onto your computer and is generally used to gather your personal information and then send advertisements to you, normally in the form of a pop-up ad. Spyware software can also change your computer configuration as well as many other potentially harmful things. Even though the term spyware may suggest that the software is simply monitoring action in a secretive way, the purpose of spyware usually goes well beyond this. The party responsible for creating and distributing the spyware are often profiting greatly through targeted advertising or selling off your personal information.

When spyware software is on a computer, it generally is hidden from the user. In 2005, a study carried out by AOL and the National Cyber-Security Alliance showed that 61% of user’s computers were infected with spyware. Of all of these users, 92% of them were not aware that their computers were even infected. 91% of the users claimed that they had not granted permission for the spyware software to be installed. Since then, spyware has become increasingly sophisticated and is often impossible to detect on a user’s computer. Even worse, once detected, some spyware is impossible to remove.

Difference between Spyware and Adware

The terms spyware and adware are often used interchangeably. Both of these terms are used to describe software which can display advertisements. However, there is one major difference between these two: spyware gets onto the user’s computer through illicit means.

With adware, the user agrees to have the adware program installed in exchange for something else. For example, the program Eudora will allow users access to shareware for free but they must agree to receive advertisements. The key word here is “agree.” Adware will not attempt to mislead users and is offered in exchange for a service.

An example of adware includes the file sharing program Eudora. Rather than asking users to pay a registration fee, it asks them to agree to receive advertisements. On the other hand, Gator software is a type of spyware. When users visit certain websites, spyware is installed on the users’ computer through some sort of deceptive manner. The company behind Gator as well as the website where the spyware was installed will both receive revenue.

How does Spyware Get onto Your Computer?

In most cases, spyware gets onto your computer because you have installed it unknowingly. This is how it works: when you find some sort of free program or file online, you download it and it comes bundled together with spyware. This is also the case with shareware. For spyware creators like Claria, which is the largest spyware company, this method of spyware transmission is very profitable. Claria had revenues of $35 million just last year.

Spyware as a profitable business really began to surge when free internet applications became available online. Since applications such as Web browser, email, and instant messaging were free, it didn’t take long before users expected free software as well. Software makers were having a hard time selling software for even low prices and they had trouble battling against illegal file sharing as well. Instead of trying to increase sales, the software makers decided to offer free software but include spyware bundled with it.

A spyware company will pay a software company for every time the software is installed. Then, the spyware uses targeted ads on the user. When a user clicks on the ad or makes a purchase through the ad, the spyware company profits.

An example of this is the free file sharing application Kazaa which comes bundled with spyware from the company Claria. Kazaa gets paid by Claria every time its program is installed. Then, the Claria spyware creates targeted pop-up ads for users and profits each time one of those ads is clicked on. If you visit the Dish Network homepage, a pop-up ad for DirecTV will appear.

This method of spyware distribution occurs with all sorts of free downloads including software and file sharing. Often, the terms and conditions for downloading a free application will mention that spyware is included with the download. However, not many people take the time to read through the terms and conditions. It is also common for the information about spyware to be deceptively hidden in a very long and confusing terms and conditions statement. The downloader simply clicks “Accept” and gets the spyware.

Fake Windows Security Boxes

To start downloading spyware, sometimes all it takes is a click of a link. One of the most common ways that spyware makers get users to click on their links is by disguising them as Windows security boxes. The boxes look just like a normal Windows security box. However, when you click on them, the link causes your security settings to change and spyware to be installed on your computer without your knowledge. For example, a box might read, “Optimize your internet access.” Even if you hit the “No” button, you will still trigger the spyware.

Security Holes

If you do not have high security on your computer, you run the risk of spyware finding its way inside. Some of the newer spyware programs have even learned to find their way through holes in firewall and antispyware software. Spyware is often distributed with a virus. First, a virus is sent to a computer. Instead of replicating and possibly destroying a computer’s system like a normal virus, its job is instead to create a hole for the spyware to enter.

There are several other illicit ways in which spyware can enter a computer. For example, there are spyware programs which are spread through emails. Even if the email gets tagged as potentially dangerous and the user doesn’t read it, the spyware can still be spread just by having it displayed in a preview pane.

Will be continued in Part 2, "How to Prevent Malware"