US-CERT Cyber Security Tip ST04-016 -- Recognizing and Avoiding Spyware

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

   National Cyber Alert System
   Cyber Security Tip ST04-016

Recognizing and Avoiding Spyware

   Because of its popularity, the internet has become an ideal target for
   advertising. As a result, spyware, or adware, has become increasingly
   prevalent. When troubleshooting problems with your computer, you may
   discover that the source of the problem is spyware software that has been
   installed on your machine without your knowledge.

What is spyware?

   Despite its name, the term "spyware" doesn't refer to something used by
   undercover operatives, but rather by the advertising industry. In fact,
   spyware is also known as "adware." It refers to a category of software that,
   when installed on your computer, may send you pop-up ads, redirect your
   browser to certain web sites, or monitor the web sites that you visit. Some
   extreme, invasive versions of spyware may track exactly what keys you type.
   Attackers may also use spyware for malicious purposes.

   Because of the extra processing, spyware may cause your computer to become
   slow or sluggish. There are also privacy implications:
     * What information is being gathered?
     * Who is receiving it?
     * How is it being used?

How do you know if there is spyware on your computer?

   The  following symptoms may indicate that spyware is installed on your
   computer:
     * you are subjected to endless pop-up windows
     * you are redirected to web sites other than the one you typed into your
       browser
     * new, unexpected toolbars appear in your web browser
     * new, unexpected icons appear in the task tray at the bottom of your
       screen
     * your browser's home page suddenly changed
     * the search engine your browser opens when you click "search" has been
       changed
     * certain keys fail to work in your browser (e.g., the tab key doesn't
       work when you are moving to the next field within a form)
     * random Windows error messages begin to appear
     * your  computer  suddenly  seems very slow when opening programs or
       processing tasks (saving files, etc.)

How can you prevent spyware from installing on your computer?

   To avoid unintentionally installing it yourself, follow these good security
   practices:
     * Don't click on links within pop-up windows - Because pop-up windows are
       often a product of spyware, clicking on the window may install spyware
       software on your computer. To close the pop-up window, click on the "X"
       icon in the titlebar instead of a "close" link within the window.
     * Choose "no" when asked unexpected questions - Be wary of unexpected
       dialog boxes asking whether you want to run a particular program or
       perform another type of task. Always select "no" or "cancel," or close
       the dialog box by clicking the "X" icon in the titlebar.
     * Be wary of free downloadable software - There are many sites that offer
       customized  toolbars or other features that appeal to users. Don't
       download programs from sites you don't trust, and realize that you may
       be  exposing your computer to spyware by downloading some of these
       programs.
     * Don't follow email links claiming to offer anti-spyware software - Like
       email viruses, the links may serve the opposite purpose and actually
       install the spyware it claims to be eliminating.

   As an additional good security practice, especially if you are concerned
   that you might have spyware on your machine and want to minimize the impact,
   consider taking the following action:
     * Adjust your browser preferences to limit pop-up windows and cookies -
       Pop-up windows are often generated by some kind of scripting or active
       content. Adjusting the settings within your browser to reduce or prevent
       scripting or active content may reduce the number of pop-up windows that
       appear. Some browsers offer a specific option to block or limit pop-up
       windows. Certain types of cookies are sometimes considered spyware
       because they reveal what web pages you have visited. You can adjust your
       privacy settings to only allow cookies for the web site you are visiting
       (see Browsing Safely: Understanding Active Content and Cookies and
       Evaluating Your Web Browser's Security Settings for more information).

How do you remove spyware?

     * Run a full scan on your computer with your anti-virus software - Some
       anti-virus software will find and remove spyware, but it may not find
       the spyware when it is monitoring your computer in real time. Set your
       anti-virus software to prompt you to run a full scan periodically (see
       Understanding Anti-Virus Software for more information).
     * Run a legitimate product specifically designed to remove spyware - Many
       vendors offer products that will scan your computer for spyware and
       remove  any  spyware software. Popular products include Lavasoft's
       Ad-Aware, Microsoft's Window Defender, Webroot's SpySweeper, and Spybot
       Search and Destroy.
     * Make sure that your anti-virus and anti-spyware software are compatible
       - Take a phased approach to installing the software to ensure that you
       don't unintentionally introduce problems (see Coordinating Virus and
       Spyware Defense for more information).
     _________________________________________________________________

   Authors: Mindi McDowell, Matt Lytle
     _________________________________________________________________

   Copyright 2004 Carnegie Mellon University. Terms of use
   US-CERT

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSwV399ucaIvSvh1ZAQLVmAf+OmcQ19tC2n+ISq6m944oN4jJw3xw8qvM
PPDJFO9FlxZrAJ2iE5qX1FhderUIDOZ+t6YMoDh5NLkZ5hvtHlxqU/qwdpOqh4jy
DniMsZ8CYbxBYAH9IHWQZb2N7phU/B8T/x6cp/lHk5SMHKsGmD6/ULHG0c39AXOx
fHvwZvVgLW5QcchsuPwMsrX12YgXu2QEdxhcSLuLSTbT9jlpwLCo0o79a00ymhih
tkk+YgQCdfleEyJI5w9kcWwSH/yoCrg60ngr7qIo0U3Wr789T2dXwRy+idjHidUn
5qhUqU/vDq4bFHYKA/GJMwMLDVicDRtDtcF9HkeblvxvwZc+Y0I6Wg==
=dMGu
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux