Threat Type: Software based, victim enabled
Examples of Threats:
- Popping up advertisements all over your computer screen
- Installing programs to collect and report data on your Internet browsing habits
- Inserting toolbar or searchbar programs into your browser or applications, such as Internet Explorer, which slow down your computer’s performance
- Collecting and reporting information about which websites you visit so that you can be targeted more effectively with advertisements and marketing
- Install and enable a popup blocker.
- Install and enable a spyware/adware blocker.
- Use a personal firewall program on each computer to prevent unauthorized program installations and Internet access (see Chapter 1, “Tip 1: Use Firewalls”).
- Avoid downloading “free” software programs that have strings attached.
- Periodically use a spyware elimination program to find and delete spyware and adware.
One of the engines that has driven the explosive growth of the Internet is the concept of eyeballs. For a relatively low price, you are provided with a high-speed broadband connection that gives you access to an endless amount of mostly free information, services, digital media, and even software programs.
Ever ask yourself how these companies stay in business? For example, how does Weather.com pay their bills to be able to bring you awesome up-to-the-minute radar images for your city’s weather? How can people give you software programs such as screensavers and games for free?
The answer is eyeballs. Eyeballs refers to the number of people’s eyes someone can get to view their Internet content (and accompanying advertisements). Yes, the Internet is based on relatively the same concept as commercial television.
The difference is the Internet can bring highly targeted advertising like never before and sometimes nearly force you to view it. Banner and popup ads were the first wave, but most people are tuning them out, so to speak, by installing popup blockers. So, advertisers are relying on more sophisticated methods to get their stuff in front of your eyes.
An all-out brawl is looming between consumers and advertisers. Between cable networks, DVRs, and TiVo players, we can screen out quite a few commercials. With increasingly good technology, we can also screen out a lot of advertisements online, too, which is the focus of the rest of this chapter.
What Is Spyware and Adware?
So, why spyware and adware? Well, quite frankly, online advertisers are getting more desperate to keep the ads under your nose. As a result, there is an escalation of techniques occurring, some getting pretty aggressive. These techniques include adware and spyware.
There is not one agreed upon definition of what adware is and is not, but in general it includes any program used to facilitate getting advertising content in front of you on your computer, including the following:
Popups— Advertisements that pop up on your computer screen as new windows, especially while you are browsing the Internet.
Adware— Although the whole category of advertisements is often referred to as adware, the term also is used in reference to hidden programs inside of other programs. This is usually from free software or a game you download that is permitted to shower you with ads as the price you pay for using it for free.
Annoyware— Term for aggressive adware practices, such as asking whether you want to install a program and then only allowing you to click OK and not Cancel, or popups that when you close them keep popping up more and more additional ones.
Banner ads— Blending an advertisement into a website in an official-looking banner, enticing you to click it because you think it is part of the page you are browsing.
Drive-by downloads— Suddenly asking you to download a program that you did not ask for while browsing the Internet.
Warning boxes— Making a popup ad look like a typical warning box you get in Windows. Our favorites are those that claim your system is infected with adware/spyware and then try to sell you an antiadware program. Adware selling antiadware. Beautiful.
Most adware is obtained willingly, by you agreeing to see advertisements for using a free piece of software or service on a website. You probably do not even notice this in the fine print of the user agreement when you click the Accept button. (Adware vendors are counting on the fact that you don’t.)
There is also not one agreed upon definition of what spyware is and is not, but in general it includes any program used to gather and relay information from your computer to a location collecting the information, including the following:
Data miners— Actively collect information from you and then relay it to a remote server.
Spyware— As in the adware case, this term is used for both the category and for a particular instance within the category. In this case, we are referring to a hidden program that collects information and sends it to a central server without your knowledge or consent.
Trackware— Generally passive method of tracking with cookies what site or sites you have visited and also some amount of personal information.
Hijacker— These little gems like to hijack your Internet Explorer settings, such as changing your home page to where they want you to go or hijacking and overlaying the search function.
Searchbars and toolbars— Toolbars for searching that can be added as add-ons to Internet Explorer. They generally cause slow performance on your computer and can be used to track what information you search for and browse.
Some spyware is obtained willingly, by you agreeing to participate in some trial marketing for using a free piece of software or service on a website. Just as often, you might think you are agreeing to adware when in reality a program has been placed on your computer that can collect information and send it to a marketing company.
Figure 5-1 shows an example of spyware. In this example, the spyware program is put in a popup ad as a payload. When the computer user clicks the popup ad, the spyware program is deposited on the computer.
After the initial deposit, the spyware can track whatever it was created for (for example, which applications are running on the PC or which web pages are browsed most often). Periodically, the spyware can call home, by sending its information to the creating company over the Internet.
Are Spyware and Adware Viruses?
Although many adware and spyware programs increasingly share some of the characteristics of viruses, especially stealth and doing things without your knowledge, the primary distinction is that viruses live to replicate, whereas spyware and adware live to gather information that can be sent to marketing companies or to entice you to buy a specific product.
In general, spyware and adware are a one-to-one relationship between you and whatever marketing organization is trying to sell you stuff. They generally do not replicate themselves and send themselves to other computers. Spyware and adware tend to operate more on the “cow pattie” model: meaning they lie around on websites until you step in one, and then they cling to your shoe until you can shake them loose.