Explanation
The threat
Spyware is software or hardware installed on a computer without the user's knowledge which gathers information about that user for later retrieval by whomever controls the spyware. Spyware refers to a broad category of malicious software designed to intercept or take partial control of a computer's operation without the informed consent of that machine's owner or legitimate user.
Spyware differs from viruses and worms in that it does not usually self-replicate. Like many recent viruses, however, spyware by design exploits infected computers for commercial gain.
Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information (including financial information such as credit card numbers); monitoring of Web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.
Spyware:
- installs itself on a PC without consumers' knowledge,
- tracks computer usage,
- is difficult to remove, and
- can have both commercial intent (targeted ads) or criminal intent (password collecting).
Two categories of spyware
Spyware can be broken down into two different categories:
Surveillance software
Surveillance software includes keyloggers, screen capture devices, and Trojan horses. These would be used by corporations, private detectives, law enforcement, intelligence agencies, suspicious spouses, etc.
Advertising spyware
Software that is installed alongside other software on the Internet (piggybacking), often without the user's knowledge, or without full disclosure that it will be used for gathering personal information and/or showing the user ads. Advertising spyware logs information about the user, possibly including passwords, email addresses, Web browsing history, online buying habits, the computer's hardware and software configuration, the name, age, sex, etc. of the user.
As with spam, advertising spyware uses the CPU, RAM, and resources of the user's computer, making the user pay for the costs associated with operating it. It then makes use of the user's bandwidth to connect to the Internet and upload whatever personal information it has gathered, and to download advertisements which it will present to the user, either by way of pop up windows, or with the ad banners of ad-supported software. All of this can be considered theft in the cases of advertising spyware that installs without disclosure.