Malware, Spyware and
Adware
While the Internet is a powerful resource and provides users with many
useful and often entertaining things to see and do, it also has its
dark side. Most people are familiar with viruses and Spam, but most are
unaware of an even greater and more covert risk to computers connected
to the Internet. These programs are referred to by a number of names,
most commonly Malware, Spyware and Adware. These programs are actually
a very diverse group of programs with a variety of dangers and levels
of threat to an end user's computer. These programs are becoming a
severe problem on computers within our school district, necessitating
many hours of repair time.
What Is It?
Malware is synonymous to malicious software. In the course
of normal Internet usage, it is possible for Malware programs to get
installed on your computer unintentionally or intentionally. These
programs are classified in 2 categories:
- Spyware is a term used to describe software and
tracking cookies that track your computer usage and reports it to a
third party, often without your consent. Spyware often comes attached
to Utilities such as a time and date manager, music download software,
or "toolbar buddies."
- Adware is different than Spyware in that it does not
necessarily spy on the user. Sometimes working in conjunction with
Spyware, Adware displays pop-up ads, or changes your home page.
Effects of Malware, Spyware and Adware:
- Monitors your
Internet Surfing, by compile this data and automatically sending
it to a central monitoring source. This information then can be used to
interfere with your normal navigations of the web with pop-ads,
redirects to alternative sites and changing of your home page.
- Collects Passwords,
which allow unauthorized access to sites that require a password from
you. These could include bank accounts, credit cards, PayPal accounts,
e-mail, online grade books and online stores such as Amazon.com which
store credit card information for you to make repeat purchases from
their sites.
- Changes System
Settings on your computer. These changes can include changing
the home page of your browser, changing your desktop colors and
configuration, block use of installed software and/or hardware (turning
off your sound card or modem, etc.), disable and/or uninstall antivirus
programs and even prevent your computer from starting.
- Hijacks Internet
Browsing. This can be accomplished by changing your browser's
home page, blocking access to search sites (Google, Yahoo, etc.),
sending you to web pages that you did not want to go to (including
pornographic, gambling and scam sites) and/or altering the appearance
of the pages you visit (blocking links, changing colors, blocking
certain words, etc.)
- Pop-ups.
Through the use of Spyware, companies can track your Internet browsing
and/or online shopping activities then present you with ads "they think
you would be interested in." These ads often appear as Pop-ups, a
second (or multiple) browser window that pops up over your current
page. These Pop-ups can be very distracting and annoying. The problems
is compounded by Pop-ups that have no "close button" on the window,
spawn a series of multiple (almost endless) Pop-up windows and/or
contain offensive materials or pornographic images.
- Alters your Browser
(Internet Explorer.) Spyware or Adware can add additional menu bars or
search tools to your browser window. Although their producers often
tout these as time saving or convenience features, in fact many of
these toolbars assist in the gathering of personal information and/or
web surfing habits. This monitoring often results in Spam e-mails
and/or Pop-up ads. They often interfere with your searching by
directing you primarily or only to sites of paid advertisers.
- Hijacks Use of your
Computer. Malware can utilize your computer to send and/or
receive information through the Internet without your knowledge. In
addition to the processor burden that this places on your computers
(slower operation), these uses are often of an illegal or malicious
nature. Hijackers can use your computer to send out viruses (via e-mail
or network), act as intermediary in the illegal sharing of copyrighted
materials, be utilized to mask hacking of other computer systems and/or
cause "Denial of Service" events which flood a network with meaningless
traffic and bring normal operations to a halt ("crashing web sites".)
- Installs Other
Software on the computer without your knowledge or consent.
- Leaves Tracking
Cookies on your computer. Normal cookies are tiny files, often
left on your computer by web sites to know that you are a return
visitor and records any personalized settings you may have made. Normal
cookies are only read by the site that left them on your computer.
Tracking cookies on the other hand gather information from a variety of
sites you visit then "shares" this information with third parties. This
allows companies to send you Pop-ups, disrupt your normal browsing,
send you Spam, etc.
- Logs all Keystrokes
on your computer. Malicious person(s) can then retrieve this
information, to steal passwords and other sensitive information.
How Do I Get It?
A number of actions might result in installation of Malware, including:
- When you visit "an interactive" website that
contains ActiveX control, a Java, or some other code in it that allows
that website to install a file on your computer. This file is the
Malware program.
- Responding to Pop-up or e-mail advertisements. These
often include what I call the "Do you want to..." phrase. They offer
"to block Spam, surf the web faster, prevent Pop-ups, search the
Internet easier, view pictures of famous people, view porn, stop
viruses, etc." Other parties use the infamous phrase "You have won..."
- Programs that you download or are offered by friends
(like a games, screensavers, etc.) can come bundled with Malware. So,
when you install the program, you also get the Malware. These programs
can also be sent to you as an attachment via email.
- Installing and/or using "peer to peer" file sharing
(often music) programs like Napster, Kaaza, etc.
- Viruses and/or Trojans (programs that can install
other programs and/or allow another person to control activities on
your computer remotely) delivered via infected e-mails, document files
or network resources can install Malware programs.
How do I Know if I Have It?
Sometimes, there are obvious signs that there is Spyware on your
computer, sometimes there is not. However, here are some common
symptoms of Malware:
- When you open a browser or connect to the Internet,
unexpected pop-up ads show up. This is Adware.
- Your computer (not just your connection speed) slows
down significantly whether online or offline. This is the result of
Spyware using up memory and bandwidth.
- The homepage has been reset to something that you
did not expect.
- If you have installed software from the Internet and
it installed a second piece of software automatically, that second
piece of software is often Spyware.
- Names of common Malware programs or programs that
assist Malware include: Xupiter, Alexa, Gator, Kaaza, Hot Bar, Double
Click, e-Wallet, Weather Bug, SaveNow, MyWay Search, Bonzi Buddy and
Brilliant Digital and many others. Note: almost all producers of these
software packages will claim that they are not Malware, but independent
sources such as PC Magazine, AOL and others have implicated them as
Malware.
How do I prevent it?
Do not install any software from outside the district on your computer!
If you need a program installed please contact the Director of
Technology for assistance.
Select "YES" option when asked by website if you want to do something
only if you trust the website that you're going to and you are sure
that it will not install any software on your local computer.
Other ways to help prevent Malware are:
- Don't open email attachments that you're not
expecting.
- Don't go to websites that you don't trust.
- Don't install software when you're unsure what it
does.
- Many file-sharing programs install a huge amount of
Spyware, you should avoid them.
- If a browser or instant messenger popup asks you to
install software it's probably not a good idea to install it.
- Research the program you want to install to make
sure that it does not come bundled with Malware.
Is It OK to Ever Allow a Pop Up
Message to Install Software?
Within our district there are only two instances when you should say
"yes" you want to install software:
- Microsoft Windows Updates
- Symantec (Norton) Antivirus Updates
Even then only install the updates when you are
absolutely sure who is requesting to install the new software update.
These messages will never arrive via e-mail.
What Should I Do if I Think I
Have Malware on My Computer?
Please contact Director of Technology using a Computer Repair Request
form or
If there appears to be a potential
breech of security in the form of a stolen password or if there is an
eminent threat of the Malware causing damage to the documents on your
computer or of spreading to other
computers-- please notify the Director of
Technology immediately via e-mail and/or telephone:
----------------------------------------------------------------------------------
Information used in preparing this
advisory comes in part from-
Lavaosft- http://www.lavasoftusa.com/
Humbolt Internet Services -
http://www.humboldt1.com/
PC Magazine- April 2003 -http://www.pcmag.com/print_article/0,3048,a=39374,00.asp
|
