-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Cyber Security Tip ST04-016
Recognizing and Avoiding Spyware
Because of its popularity, the internet has become an ideal target for
advertising. As a result, spyware, or adware, has become increasingly
prevalent. When troubleshooting problems with your computer, you may
discover that the source of the problem is spyware software that has
been installed on your machine without your knowledge.
What is spyware?
Despite its name, the term "spyware" doesn't refer to something used
by undercover operatives, but rather by the advertising industry. In
fact, spyware is also known as "adware." It refers to a category of
software that, when installed on your computer, may send you pop-up
ads, redirect your browser to certain web sites, or monitor the web
sites that you visit. Some extreme, invasive versions of spyware may
track exactly what keys you type. Attackers may also use spyware for
malicious purposes.
Because of the extra processing, spyware may cause your computer to
become slow or sluggish. There are also privacy implications:
* What information is being gathered?
* Who is receiving it?
* How is it being used?
How do you know if there is spyware on your computer?
The following symptoms may indicate that spyware is installed on your
computer:
* you are subjected to endless pop-up windows
* you are redirected to web sites other than the one you typed into
your browser
* new, unexpected toolbars appear in your web browser
* new, unexpected icons appear in the task tray at the bottom of
your screen
* your browser's home page suddenly changed
* the search engine your browser opens when you click "search" has
been changed
* certain keys fail to work in your browser (e.g., the tab key
doesn't work when you are moving to the next field within a form)
* random Windows error messages begin to appear
* your computer suddenly seems very slow when opening programs or
processing tasks (saving files, etc.)
How can you prevent spyware from installing on your computer?
To avoid unintentionally installing it yourself, follow these good
security practices:
* Don't click on links within pop-up windows - Because pop-up
windows are often a product of spyware, clicking on the window may
install spyware software on your computer. To close the pop-up
window, click on the "X" icon in the titlebar instead of a "close"
link within the window.
* Choose "no" when asked unexpected questions - Be wary of
unexpected dialog boxes asking whether you want to run a
particular program or perform another type of task. Always select
"no" or "cancel," or close the dialog box by clicking the "X" icon
in the titlebar.
* Be wary of free downloadable software - There are many sites that
offer customized toolbars or other features that appeal to users.
Don't download programs from sites you don't trust, and realize
that you may be exposing your computer to spyware by downloading
some of these programs.
* Don't follow email links claiming to offer anti-spyware software -
Like email viruses, the links may serve the opposite purpose and
actually install the spyware it claims to be eliminating.
As an additional good security practice, especially if you are
concerned that you might have spyware on your machine and want to
minimize the impact, consider taking the following action:
* Adjust your browser preferences to limit pop-up windows and
cookies - Pop-up windows are often generated by some kind of
scripting or active content. Adjusting the settings within your
browser to reduce or prevent scripting or active content may
reduce the number of pop-up windows that appear. Some browsers
offer a specific option to block or limit pop-up windows. Certain
types of cookies are sometimes considered spyware because they
reveal what web pages you have visited. You can adjust your
privacy settings to only allow cookies for the web site you are
visiting (see Browsing Safely: Understanding Active Content and
Cookies and Evaluating Your Web Browser's Security Settings for
more information).
How do you remove spyware?
* Run a full scan on your computer with your anti-virus software -
Some anti-virus software will find and remove spyware, but it may
not find the spyware when it is monitoring your computer in real
time. Set your anti-virus software to prompt you to run a full
scan periodically (see Understanding Anti-Virus Software for more
information).
* Run a legitimate product specifically designed to remove spyware -
Many vendors offer products that will scan your computer for
spyware and remove any spyware software. Popular products include
Lavasoft's Ad-Aware, Webroot's SpySweeper, PestPatrol, and Spybot
Search and Destroy.
* Make sure that your anti-virus and anti-spyware software are
compatible - Take a phased approach to installing the software to
ensure that you don't unintentionally introduce problems (see
Coordinating Virus and Spyware Defense for more information).
_________________________________________________________________
Authors: Mindi McDowell, Matt Lytle
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Note: This tip was previously published and is being re-distributed
to increase awareness.
Terms of use
<http://www.us-cert.gov/legal.html>
This document can also be found at
<http://www.us-cert.gov/cas/tips/ST04-016.html>
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRsMp5/RFkHkM87XOAQI/Ngf+MEdaHbBks+6QxaMjb5EYLrLP97qWMe/l
l2WCZPWxOC/QCoPg9VN6imoJGIZBiB9PTieIggN3rb8OGJP4lnwnkAjaB7bs0WOS
D2LDWIeaxk/9v6w5/uUCIfB446Ptd78hHjOQ0X5HcvaFSp79HhaNvCPJXcNcCTIQ
nYevhFzGS0TFOkoltqXsp3OlEIqcqVCTWQVqUTJQobInR7XbgkOiquZ+65Kapg6D
uqBxOwBesZ5SZA0FQ8E78qPytOEhCQJXGQLJ9A0lE2J6qu2IwtPpJU7Ui5bfIUeN
RfNqpMnK8ysjiB2+aDgxQ2zR70J2ixi40Tr9qSi8zng0WFOUpLHPQw==
=KFO1
-----END PGP SIGNATURE-----
