US-CERT Cyber Security Tip ST04-016 -- Recognizing and Avoiding Spyware

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                        National Cyber Alert System
                        Cyber Security Tip ST04-016


Recognizing and Avoiding Spyware

   Because of its popularity, the internet has become an ideal target for
   advertising. As a result, spyware, or adware, has become increasingly
   prevalent. When troubleshooting problems with your computer, you may
   discover that the source of the problem is spyware software that has
   been installed on your machine without your knowledge.

What is spyware?

   Despite  its  name, the term "spyware" doesn't refer to something used
   by  undercover  operatives, but rather by the advertising industry. In
   fact,  spyware  is  also known as "adware." It refers to a category of
   software  that,  when  installed on your computer, may send you pop-up
   ads,  redirect  your  browser to certain web sites, or monitor the web
   sites  that  you visit. Some extreme, invasive versions of spyware may
   track  exactly  what keys you type. Attackers may also use spyware for
   malicious purposes.

   Because  of  the  extra processing, spyware may cause your computer to
   become slow or sluggish. There are also privacy implications:
     * What information is being gathered?
     * Who is receiving it?
     * How is it being used?

How do you know if there is spyware on your computer?

   The  following symptoms may indicate that spyware is installed on your
   computer:
     * you are subjected to endless pop-up windows
     * you  are redirected to web sites other than the one you typed into
       your browser
     * new, unexpected toolbars appear in your web browser
     * new,  unexpected  icons  appear  in the task tray at the bottom of
       your screen
     * your browser's home page suddenly changed
     * the  search  engine your browser opens when you click "search" has
       been changed
     * certain  keys  fail  to  work  in  your browser (e.g., the tab key
       doesn't work when you are moving to the next field within a form)
     * random Windows error messages begin to appear
     * your  computer  suddenly  seems very slow when opening programs or
       processing tasks (saving files, etc.)

How can you prevent spyware from installing on your computer?

   To  avoid  unintentionally  installing  it yourself, follow these good
   security practices:
     * Don't  click  on  links  within  pop-up  windows  - Because pop-up
       windows are often a product of spyware, clicking on the window may
       install  spyware  software  on  your computer. To close the pop-up
       window, click on the "X" icon in the titlebar instead of a "close"
       link within the window.
     * Choose   "no"  when  asked  unexpected  questions  -  Be  wary  of
       unexpected   dialog  boxes  asking  whether  you  want  to  run  a
       particular  program or perform another type of task. Always select
       "no" or "cancel," or close the dialog box by clicking the "X" icon
       in the titlebar.
     * Be  wary of free downloadable software - There are many sites that
       offer  customized toolbars or other features that appeal to users.
       Don't  download  programs  from sites you don't trust, and realize
       that  you  may be exposing your computer to spyware by downloading
       some of these programs.
     * Don't follow email links claiming to offer anti-spyware software -
       Like  email  viruses, the links may serve the opposite purpose and
       actually install the spyware it claims to be eliminating.

   As  an  additional  good  security  practice,  especially  if  you are
   concerned  that  you  might  have  spyware on your machine and want to
   minimize the impact, consider taking the following action:
     * Adjust  your  browser  preferences  to  limit  pop-up  windows and
       cookies  -  Pop-up  windows  are  often  generated by some kind of
       scripting  or  active  content. Adjusting the settings within your
       browser  to  reduce  or  prevent  scripting  or active content may
       reduce  the  number  of  pop-up windows that appear. Some browsers
       offer  a specific option to block or limit pop-up windows. Certain
       types  of  cookies  are  sometimes considered spyware because they
       reveal  what  web  pages  you  have  visited.  You can adjust your
       privacy  settings  to  only allow cookies for the web site you are
       visiting  (see  Browsing  Safely: Understanding Active Content and
       Cookies  and  Evaluating  Your Web Browser's Security Settings for
       more information).

How do you remove spyware?

     * Run  a  full scan on your computer with your anti-virus software -
       Some  anti-virus software will find and remove spyware, but it may
       not  find  the spyware when it is monitoring your computer in real
       time.  Set  your  anti-virus  software to prompt you to run a full
       scan  periodically (see Understanding Anti-Virus Software for more
       information).
     * Run a legitimate product specifically designed to remove spyware -
       Many  vendors  offer  products  that  will  scan your computer for
       spyware  and remove any spyware software. Popular products include
       Lavasoft's  Ad-Aware, Webroot's SpySweeper, PestPatrol, and Spybot
       Search and Destroy.
     * Make  sure  that  your  anti-virus  and  anti-spyware software are
       compatible  - Take a phased approach to installing the software to
       ensure  that  you  don't  unintentionally  introduce problems (see
       Coordinating Virus and Spyware Defense for more information).
     _________________________________________________________________

   Authors: Mindi McDowell, Matt Lytle
     _________________________________________________________________

    Produced 2007 by US-CERT, a government organization.

    Note: This tip was previously published and is being re-distributed 
    to increase awareness. 
  
    Terms of use
 
    <http://www.us-cert.gov/legal.html>
  
    This document can also be found at
 
    <http://www.us-cert.gov/cas/tips/ST04-016.html>
 

    For instructions on subscribing to or unsubscribing from this
    mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
     
     
     

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRsMp5/RFkHkM87XOAQI/Ngf+MEdaHbBks+6QxaMjb5EYLrLP97qWMe/l
l2WCZPWxOC/QCoPg9VN6imoJGIZBiB9PTieIggN3rb8OGJP4lnwnkAjaB7bs0WOS
D2LDWIeaxk/9v6w5/uUCIfB446Ptd78hHjOQ0X5HcvaFSp79HhaNvCPJXcNcCTIQ
nYevhFzGS0TFOkoltqXsp3OlEIqcqVCTWQVqUTJQobInR7XbgkOiquZ+65Kapg6D
uqBxOwBesZ5SZA0FQ8E78qPytOEhCQJXGQLJ9A0lE2J6qu2IwtPpJU7Ui5bfIUeN
RfNqpMnK8ysjiB2+aDgxQ2zR70J2ixi40Tr9qSi8zng0WFOUpLHPQw==
=KFO1
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux