Saturday, March 20, 2021

Spyware Prevention and Detection

The pandemic has accelerated the use of business and financial applications by almost 500%. Most institutions and users have taken steps to protect their computers with antivirus software, but antivirus alone frequently fails to protect against “spyware”, another form of malware.

Spyware is a type of malicious software that is installed on your computer or mobile device without your consent. It can gain access to your sensitive personal information and relay it to other parties, some of them malicious.

What can Spyware do?

1. Infiltrate — via an app install package, a malicious website (drive-by downloads or malicious popups), or a file attachment.

2. Monitor activity and capture information — via keystroke logging, screen captures, and other tracking code.

3. Send stolen data — to third parties without the user's consent or knowledge.

4. Change the system configuration — for example, weakening security settings so that more software can be installed remotely, showing popups, or redirecting users to advertising sites.

5. Compromise confidential personal information such as:

  • Login credentials — passwords and account PINs
  • Credit card numbers
  • Keystrokes
  • Email addresses harvested from mail clients

Spyware Infection

Spyware is usually installed without the user's knowledge or permission. It may be bundled with otherwise legitimate freeware, shareware or trial software, or installed from websites via drive-by downloads.

Bundleware, or bundled software packages, is a common delivery method for spyware. Users often install spyware themselves as part of a bundled application without understanding the full ramifications of doing so. A user may be required to accept an End User License Agreement (EULA), which often does not clearly state the extent or manner in which information is collected. In such cases the spyware is installed without the user's “informed consent.”

Some bundled spyware installs discreetly, without any warning. At other times the bundleware describes the spyware in the license agreement, without using that term or stating its purpose, and requires you to accept the agreement. By forcing the user to accept the full bundle in order to install the desired program, users voluntarily, but unknowingly, infect their own systems.

Spyware authors also frequently use marketing emails to trick users into clicking a link to a malicious website or installing a software application, again relying on user interaction to achieve the infection.

Some examples:

  • Unlocker app bundled with spyware
  • Applications bundled with spyware/adware
  • Infected macOS screensavers


Behaviors Associated With Spyware

Spyware can be difficult to detect and remove because it:

  1. Does not always appear as a running program in the Windows Task Manager, so the user may be unaware that the computer has been infected.
  2. May not include an uninstall option in the Windows “Add/Remove Programs” list. Even when such an option exists, the removal process may not eliminate all components, or it may redirect the user to an Internet site to complete the removal, which often results in a new or additional infection rather than removal. Sometimes browser toolbars are installed that again redirect the user to malicious websites, reinstalling the same spyware or other spyware from the same author.

Mitigate the Risks Associated With Spyware

  1. Restrict users from downloading software, especially software not approved under the organization's policies.
  2. Remove administrator rights, or provision a non-admin account for web browsing.
  3. Where possible, configure the browser to reject ActiveX controls, which lessens the likelihood that spyware is installed through drive-by downloads during website visits.
  4. Keep systems updated with patches; many spyware programs exploit publicly reported vulnerabilities.
  5. Install and maintain a comprehensive anti-malware solution that includes anti-spyware features.
  6. Set firewall filters to block Internet downloads and visits to inappropriate websites.
  7. Raise user awareness of malware and spyware.
  8. Use email security tools to remove phishing and spam messages and to block delivery of mail containing malicious links.
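The two behaviors listed above (an autorun that has no matching “Add/Remove Programs” entry, and one that lives in a user-writable folder) and mitigation 3 (rejecting ActiveX in the browser) can both be checked from a registry export. The script below is an added example, not code from the original post: it parses a .reg file exported with reg.exe or Regedit, flags autorun entries that look like spyware, and reports Internet-zone ActiveX settings that are not set to “disable”. The sample export, the SysHelper/syshlp.exe entry, the user name alice and the OneDrive lines are constructed for the demo; the zone key path and the URL-action values 1200, 1001 and 1004 (0 = enable, 1 = prompt, 3 = disable) are the real Internet Explorer settings. Treat the “user-writable location” signal as weak on its own: legitimate per-user installs such as OneDrive also live under AppData.

```python
"""Audit a Windows .reg export for spyware-style autoruns and weak ActiveX settings."""
import ntpath
import re

# Constructed sample export: every entry, path and value here is made up for the demo.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="C:\\Windows\\System32\\SecurityHealthSystray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"SysHelper"="C:\\Users\\alice\\AppData\\Roaming\\syshlp\\syshlp.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe]
"DisplayName"="Microsoft OneDrive"
"UninstallString"="C:\\Users\\alice\\AppData\\Local\\Microsoft\\OneDrive\\OneDriveSetup.exe /uninstall"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1200"=dword:00000000
"1001"=dword:00000001
"1004"=dword:00000003
'''

_VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def parse_reg(text):
    """Return {key_path: {value_name: value}}; handles string and DWORD values only."""
    reg, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            reg[key] = {}
            continue
        m = _VALUE_RE.match(line)
        if not m or key is None:
            continue
        name, raw = m.group(1), m.group(2)
        if raw.startswith('"') and raw.endswith('"'):
            value = re.sub(r"\\(.)", r"\1", raw[1:-1])   # undo \\ and \" escaping
        elif raw.lower().startswith("dword:"):
            value = int(raw[6:], 16)
        else:
            value = raw
        reg[key][name] = value
    return reg


def exe_path(command):
    """Pull the executable out of an autorun command line, quoted or bare."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.match(r"(.*?\.exe)(\s|$)", command, re.IGNORECASE)  # bare paths may contain spaces
    return m.group(1) if m else (command.split() or [command])[0]


# Folders an unprivileged user can write to; a weak signal on its own.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")


def audit_autoruns(reg):
    """Map autorun entry name -> reasons it looks like spyware; clean entries are omitted."""
    uninstall_blob = " ".join(
        str(v) for k, vals in reg.items()
        if "\\currentversion\\uninstall\\" in k.lower() for v in vals.values()).lower()
    findings = {}
    for key, vals in reg.items():
        if not key.lower().endswith(("\\currentversion\\run", "\\currentversion\\runonce")):
            continue
        for name, command in vals.items():
            path = exe_path(str(command)).lower()
            reasons = []
            if any(marker in path for marker in USER_WRITABLE):
                reasons.append("user-writable location")
            stem = ntpath.splitext(ntpath.basename(path))[0]
            folder = ntpath.basename(ntpath.dirname(path))
            known = (stem and stem in uninstall_blob) or (folder and folder in uninstall_blob)
            # OS components under C:\Windows never have an Add/Remove entry; skip that check.
            if not path.startswith("c:\\windows\\") and not known:
                reasons.append("no Add/Remove Programs entry")
            if reasons:
                findings[name] = reasons
    return findings


INTERNET_ZONE = ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion"
                 "\\Internet Settings\\Zones\\3")
ACTIVEX_ACTIONS = {"1200": "Run ActiveX controls and plug-ins",
                   "1001": "Download signed ActiveX controls",
                   "1004": "Download unsigned ActiveX controls"}
DISABLE = 3  # URL-action setting: 0 = enable, 1 = prompt, 3 = disable


def audit_activex(reg):
    """Return {value_name: current} for ActiveX actions not set to disable (None = not set)."""
    zone = {k.lower(): v for k, v in reg.items()}.get(INTERNET_ZONE.lower(), {})
    return {v: zone.get(v) for v in ACTIVEX_ACTIONS if zone.get(v) != DISABLE}


def activex_fix_reg(deviations):
    """Emit a .reg fragment that sets every deviating ActiveX action to disable."""
    lines = ["Windows Registry Editor Version 5.00", "", f"[{INTERNET_ZONE}]"]
    lines += [f'"{v}"=dword:{DISABLE:08x}' for v in sorted(deviations)]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    reg = parse_reg(SAMPLE_REG)
    for name, reasons in audit_autoruns(reg).items():
        print(f"autorun {name}: {', '.join(reasons)}")
    weak = audit_activex(reg)
    for v, current in weak.items():
        print(f"zone 3 {v} ({ACTIVEX_ACTIONS[v]}) = {current}, expected {DISABLE}")
    print(activex_fix_reg(weak))
```

Run against a real export (reg export HKCU\Software\Microsoft\Windows\CurrentVersion out.reg, and the same for the HKLM Run key) by replacing SAMPLE_REG with the file contents. The Add/Remove check is a name-matching heuristic: it takes the executable's stem or folder name appearing in any Uninstall value as evidence of a registered product, so short or generic names can produce both false positives and false negatives, and an entry that only fails that check deserves a second look rather than automatic removal.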