Spyware

SPYWARE IN ALL ITS FORMS still seems to be the most serious problem facing most of my home clients.

A recent study in the U.S. found that 80% of home PCs are plagued with spyware, and my experience suggests that the problem here in the U.K. is as bad or worse.

If your PC is running very slowly, or if lots of extra "toolbars" have mysteriously appeared, or if you're troubled by unwanted and surprising "pop-ups", then you're probably infected.  An infected PC may be downloading adverts all the time it's on the Internet, can be silently running up huge phone bills on your modem (if you have one), or could be sending every password you type (and the details of the place you typed it – perhaps your online banking service) to someone untraceable.  You really don't want spyware on your machine.

As a simple test, shut down all programs and run "Task Manager" (Ctrl-Alt-Del in most versions of Windows); if it shows more than about 20 processes running, or if any of them have suspicious or random-seeming names, you've got spyware.  Those extra processes are the spyware programs.  I can clean your PC for £25 to £50 (depending on the severity of the infection) and offer advice (and some safeguards) to stop you getting infected again.  Or there's some self-help on my pages here.

What is spyware?

Spyware is now a bigger problem than viruses, maybe because there is money to be made out of spyware.

Viruses wish to harm your machine, are written by anonymous people, and are generally illegal.  You run anti-virus software to catch them before they can do harm.

Spyware, on the other hand wishes to spy on your information, or use your computer for its own ends.  Some types are written by legitimate – but unethical – companies (they have websites and contact details) who claim you want their spyware, and that you agreed to install it.  They sell their services to advertisers.  Anti-virus software often decides not to alert you about spyware, because it is not actually malicious (but may be unwanted, dangerous or costing you money); you will need to take extra precautions against spyware if you want to stop it hijacking your machine.

Even the most benign spyware is slowing your machine down.

There are various types:

• Trojans A trojan lurks in your PC doing something you're unaware of.  It may be waiting for someone on the Internet to secretly contact it (using your broadband connection); they could then use it to take control of your machine and – for example – use it to send "spam" or viruses to other people.  This may cause you to be marked as a spammer, and your mail will be blocked or your broadband connection will be suspended.
• Diallers A dialler will try to use your dial-up modem to ring premium-rate or international numbers, thus running up a huge phone bill for you. BT generally demand you pay the bill (after all, the calls were actually made) and in turn pass some of your payment to the premium-rate operator or foreign phone company, who in turn pass it on to someone else -- presumably the fraudster who planted the dialler on your machine.  Diallers turn off your modem's speaker before they start, so you're very likely to be unaware of what they are up to.  People have had to pay phone bills of over £1,000 run up by diallers.  (You are at no risk so long as you don't have your dial-up modem plugged in – so if you have broadband, unplug your old dial-up modem.)
• Adware uses your Internet connection to download adverts which it shows you even when you're not on the Internet.  Or it shows you adverts when you visit sites which don't have them, and makes it look as if the advert comes from the site.  One of my customers was startled when she visited the Surrey County Council website and was offered a "free subscription" to a pornographic website.
• Loggers secretly monitor your typing and mouse movements, and record what pages you've viewed.  They then send this information to someone else on the Internet.  That person could use the information to reconstruct your name and address (if you wrote them in a letter or filled in a form on a website), collect your credit card or banking details, or capture your username and security details for online banking.  The person could then use the details to transfer money from your bank account, or buy things with your credit card.  It might be hard to prove it wasn't you, and it could be impossible to trace the money.  (I've seen a lot of "spam" recently for people to set up bank accounts which will have money paid in, and they are asked to withdraw the money and "wire" it to someone abroad.  You might trace your money to one of these innocent, although foolish, people, but they've sent it to a PO Box abroad.)

How prevalent is it?

A survey of 329 dial-up and broadband adult computer users by the US National Cyber Security Alliance and America Online has found that 80 percent of home computers were infected with spyware or adware of some kind.

80% US home PCs have spyware: study
Longer version of same story
Full version of same story

How does spyware get onto my PC?

You download it from a website. Quite possibly it will come as part of something else, such as a music-sharing program like Kazaa, or an add-on like Messenger Plus.  Or a website shows you a warning that your PC is running slowly, is showing the wrong time, or has spyware(!) and offers to download a program to "fix" it -- that's the spyware being downloaded, that is.  And you agreed to it.

Or you get it from an e-mail attachment, in the same way as you'd get a virus.

A press story (from Spyware: Users Say Yes to It):

• NEW YORK -- Tagalong software, generally known as spyware, is an especially tricky security threat because user carelessness is nearly always to blame.
  
  All Dennis McGrath wanted was to belong. Just about everyone else in his chat room began displaying new kinds of smiley faces with their messages. So he downloaded a free program to get some, too.
  
  Little did McGrath know he would also get a pesky toolbar that keeps reappearing -- no matter how he tries to disable it.
  
  "When you go install something, a big window should come up with big letters and tell you in the first paragraph, 'Here, we're going to install this, this and that,'" said McGrath, a former truck driver in San Jose, Calif. McGrath realizes he might have agreed to the toolbar in accepting a licensing agreement he didn't bother to read.

Other press stories:
People don't read the licence terms
Houston Chronicle series (12 page views allowed)
Spyware Watch

What are the dangers?

Any or all of these:

• Your use of the PC is hampered by relentless adverts (especially for pornographic or gambling sites).
• Your PC slows down dramatically.
• Your PC crashes more often.
• Your broadband connection is used without your knowledge, possibly to sent spam, adverts, or viruses to millions of people.
• Your PC can be controlled by someone unknown to you, who can download viruses or more spyware to it, delete your files, whatever.
• Your personal or financial details can be stolen and used.
• People can run up big bills on your credit cards and you might not be able to prove it wasn't you.
• People can take money out of your bank account and can't be traced, and again, you can't prove it wasn't you.
• Big bills can be run up on your phone line, and BT may require you to pay them.

What should I do about it?

Contact me, or tackle it yourself (which can be very time-consuming, and requires some computer knowledge.  This site may help.

If you want me to tell you if you've got spyware or not, download Hijack This and send me the log. I'll tell you by e-mail whether I think you've got spyware or not.  As this is a free service, I can't guarantee a specific response time – it depends how busy I am.  But I usually manage to get back to people within 24 hours.

© Copyright Paul Doherty, 2008.  All rights reserved. Tel: (UK) 01784 439253