Spyware and Malware – What REALLY is the threat?

19th February 2009

In response to my request for ‘Guest Bloggers’ early this week, I’m pleased to announce this blog’s first guest blogger post from Simon Rochester of the IT consultancy Rochester & Associates who has written a useful article on the woes of Spyware and Malware that will be of benefit to any business owner.

Simon writes…

In the connected, online world, the threat of Spyware or Malware is growing – mainly due to the many businesses and individuals who are incorrectly protected.


According to security specialists, the more advanced versions of Spyware capture surprising amounts of information.

Cleaning spyware and malware from systems is the single, most often used service that a company like Rochester & Associates Ltd can provide.

Differences

The phrases ‘Spyware’ and ‘Malware’ mean slightly different things, though they tend to be interchangeable.

  • ‘Malware’ is short for Malicious Software – it is a generic term for any software which infiltrates a system for nasty purposes. This can include key loggers, Trojans and viruses.
  • Spyware’ is generally software which is designed to track and capture information. Things like passwords and credit card information.

Understanding the problem

The problems occur when you understand that the majority of commercial internet sites have some form of tracking code to evaluate their effectiveness. Pretty advertisements can, and do, carry a hidden payload for counting clicks. From a business point of view there is no point paying for a ‘whizz bang’ website if you are not going to get back a good percentage return on your investment.

It is this very code which can be hijacked, to allow spyware or malware to infect a system.

With the vast majority of businesses and individuals not adequately protected, self replicating software needs only use well publicised exploits to propagate themselves.

The Expert Opinion

Eric Chien, a senior researcher at Symantec, said: “You’d be surprised at the amount of data these things collect.”

Chien said techniques such as screen capture, key logging, behavioral analysis and common word recognition are all methods employed by spyware applications to build a profile of a user.

Presenting at the Virus Bulletin conference in Dublin, Chien also detailed the ways in which spyware can get onto a machine.

He said: “At their most basic, they will be able to find your name, your gender, your age, the amount of time you spend online, what you search for, what you buy and what websites you visit.”

Chien proved this point by showing the detailed data relayed by one piece of common spyware.

Such applications won’t discriminate between personal and corporate data, though the latter tends to be of a far higher value.

Chien also showed conference delegates a more advanced spyware application which is programmed to kick in when any one of hundreds of websites are visited and certain words encountered on the page.

Such an application for example was able to take and relay screenshots whenever the user was on particular retailers’ websites where the word ‘confirm’ appeared.

Chien said: “If you’re hitting ‘confirm’ then what information is going to be visible on that web page? Credit card number, name, expiry date, billing address, shipping address.”
And it gets far more worrying for users. The application is also programmed to start sending screenshots whenever users are on any page of certain banks’ websites.

Protection

The only real form of protection is to ensure that there is no spyware or malware on your PC.

This entails using one of the leading Anti Virus packages such as Eset’s Nod32 package and one of the trusted spyware scanners. Running these regularly will provide you a clean system, though the threat still exists once you go online.

The symptoms and moving forward

As stated previously, spyware cleaning is the most often requested service that we at Rochester & Associates provide – sometimes on a daily basis!

The symptoms manifest themselves firstly, as a slowing down of your PC systems, more so when online. Eventually this results in a painfully slow internet experience, even to the point of not being able to connect.

Once this happens, it’s not usually the end of the world!

Running cleanup utilities, and resetting Internet settings usually restores both speed and connections.

In this case it’s usually prudent to keep a close eye on your bank statements for a few months.

Tips

Cleanup
Further to the above, I’ll list the cleanup tools and websites we tend to use and trust….

BEWARE WHEN USING THESE TOOLS – YOU MAY DAMAGE YOUR SYSTEMS WITH CARELESS USE…IF IN DOUBT, CALL A QUALIFIED ENGINEER!

I cannot say loudly enough – IF IN DOUBT, CALL A QUALIFIED ENGINEER!

The author of this article is Simon Rochester who is a director of the UK IT consultancy Rochester & Associates Ltd based in Bradford, West Yorkshire. Through his company, Simon delivers IT consultancy, support and systems to many varied companies across the region and is always available to advise any business on its IT needs.

Visit their website at www.simtech.co.uk for more information.

Like this Post? Read Others Similar To It:

Tags: ,

Leave a Reply

I encourage comments from other bloggers and readers of my blog who are able to add something useful, constructive and relevant to my posts. Please offer your comments to this post below. Once submitted, your comment will be sent for approval and if appropriate, published soon after.