The History And Introduction Of Spyware Information Technology Essay
Spyware is a general term for any badware or malware that is installed onto computers and collects little bits of information at a time about users without their knowledge. It is typically hidden from the user, and can be difficult to detect. Sometimes, however, spywares such as key loggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users. It started out as advertising supported software but has grown into a big monster as the internet has gradually developed. Nowadays it is used in more malicious ways but initially it was developed to help pay for free distributed software by bundling the advertising within the software. Spyware or tracking cookies can be easily dropped into the system by visiting certain websites. The security patches should be kept up to date in order to prevent this.
While the term spyware suggests that software that secretly monitors the user’s computing, the functions of spyware extend well beyond simple monitoring. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs. In an attempt to increase the understanding of spyware, a more formal classification of its included software types is captured under the term privacy-invasive software.
In most of the cases, consent is given unbeknownst to the user if they don’t read the fine print in the end-user license agreement while downloading some of the products from the internet. Spyware is often bundled in popular file sharing software used for downloading stuff like music.
The first recorded use of the term spyware occurred on October 16, 1995 in a Usenet post that poked fun at Microsoft’s business model. Spyware at first denoted software meant for espionage purposes. However, in early 2000 the founder of Zone Labs, Gregor Freund, used the term in a press release for the Zone Alarm Personal Firewall. Since then, “spyware” has taken on its present sense. According to a 2005 study by AOL and the National Cyber-Security Alliance, 61 percent of surveyed users’ computers had some form of spyware. 92 percent of surveyed users with spyware reported that they did not know of its presence, and 91 percent reported that they had not given permission for the installation of the spyware. As of 2006, spyware has become one of the preeminent security threats to computer systems running Microsoft Windows operating systems. Computers where Internet Explorer (IE) is the primary browser are particularly vulnerable to such attacks not only because IE is the most widely-used, but because its tight integration with Windows allows spyware access to crucial parts of the operating system.
Types of spyware
The activities which one performs on his/her computer are monitored by system monitor. All kinds of information like a/c information, usernames, passwords and credit card numbers are captured and send to other websites. It’s done without the user knowledge.
System monitor can even infect your system through bogus emails or IM viruses. The hacker has the access to do whatever he/she wants, once infected.
It comes in through e-mail attachments or sometimes through free software package. It starts doing the damage once it’s loaded onto the computer. These types of software are usually in popular, free downloads. They also usually contain at least one Stalking Horse (defined later) and software for ad-serving networks. Sometimes the company asks you if you want to install these stalking horses or ad-serving programs, but usually they are hidden in the fine print of the license agreement and you agree without even knowing it. You have to agree to everything in that agreement because, in some situations, if you choose not to install the spyware you will not be able to use the main program. Examples of programs that are Trojan Horses are KaZaa, Grokster, and Morpheus.
You might hear some people argue that cookies are not spyware at all because most of them have a legitimate purpose – to help the owners of web sites save your personal settings and customizations so that when you return to the site it will be tailored to your tastes and interests. However, I delete cookies all the time and I’ve never had trouble when I go back to my favorite sites.
Cookies are also used by advertisers to track sales and clicks to better understand how best to spend their marketing budget.
For example, if you are reading a news story about your favorite football team, on that page you might see an advertisement or a text link directing you to a site where you can get a jersey of your favorite team. Well, your team just won an important game, so naturally you want one now! And it’s a good price! So you click on this link and make the purchase.
The advertiser then knows that the site you came from is a good place to spend money advertising. If the link is ignored, they will not continue to advertise on that site. Without cookies, companies would be blindly throwing money at advertising opportunities without any way of knowing if it is effective.
Adware programs are free to use but they have advertisements built into the software. When you run the program, it pulls down advertisements from the Internet and displays them somewhere in the software.
Double Click, Value Click, Gain, and Radiate are among networks that use this method.
These programs do have some valid uses, but they are also able enough to collect information about how you use your computer, like the sites you visit and the type of your hardware and transmit it back to their servers. They generally do not get well along with adware networks. Comet Cursor, Alexa, and Hotbar are some of the examples of Backdoor Santas.
Stalking Horses let adware networks send ads to your computer. In general, they are bundled into a program and are offered as an addition, they make you think that you need the installation of the integral software.
It changes your homepage and after that no matter how many times you change it back to the homepage you want, they will change it back. It is not just the homepage they take over. When you start searching in Google, hijackers send your request to another search engine. So eventually, your computer has been hijacked.
Now a question raises in our mind that why do they do this? Answer is simple for money. With the help of above mentioned method (Browser Hijackers) they send you to a site where they gain a commission for the user going there and consequently increases the traffic, thereby generating higher ad revenue.
They, the dialers, make their money by connecting ones computer through their phone line to other computers, which are usually any porn sites. Since these numbers are pay per call, that person gets charged for the time. It’s generally quite a shock for that particular person when he/she receives the phone bill.
Spyware also includes commercial tools like keyloggers(its briefed below) and network management tools, which are used in large corporations to keep an eye on employees. This software is misused as well sometimes; let’s say when hackers steal someone’s password to obtain access to the computer system.
A Keylogger is a program that records all your keystrokes (as it names suggests), then those keystrokes are hidden in the machine for later retrieval, or shipped right away to the attacker. From these keystrokes, the attackers will try to find any important data like passwords or other information that could be used in an attack. For example, a key logger can reveal the contents of e-mail you’ve written. Keylog programs are commonly used and included in Trojans.
Phishing is when an email is sent to you that claim to be a real business when in fact it is trying to scam you into giving out your private information to be used for identity theft.
Usually the email says that the reader must visit a web site to update or verify personal information, like credit card numbers, passwords, social security numbers, etc. Unfortunately, the web site is fraud, and only wants to steal your identity and information.
Two of the most recent, well-known phishing scams were the emails from a bank, like Sun Trust or Chase. Many people thought the bank was really sending them an email and fell for this scam – sending personal information like bank accounts, password and social security numbers to the bad guys. Another famous phishing scam were emails purportedly from eBay claiming that the user’s account was about to be suspended unless he clicked on the link and updated the credit card information.
It’s easy to make a site look like it’s the real thing, and many people thought they were really being contacted by eBay and were connecting to eBay’s real site to update information.