Portal de Periódicos da CAPES

Spyware Protection: Seek and Destroy Embedded Bugs

2007; American Institute of Certified Public Accountants; Volume: 203; Issue: 4 Linguagem: Inglês

0021-8448

James P. Davis,

Digital and Cyber Forensics

Embedded stealthily on the hard drives of many computers--even those protected with conventional antivirus software--are tiny unfriendly programs variously called spyware, malware or adware. Most are simply nuisances, triggering unsolicited pop-up advertisements or surreptitiously changing your default Web page so you'll visit specific commercial sites. But others are frighteningly malicious. They covertly gather sensitive data from computers they infect and transmit them via the Internet to unscrupulous people who try to profit from that information. Other spyware bugs browse through a computer and delete or even modify files. Read on to find out how to protect yourself from these threats. Spyware is technically a virus, but unlike most viruses its usual goal is not to destroy data but to steal them. Spyware tracks where you browse or triggers pop-up screens designed to make online sales. Spyware can enter a computer in several ways--via freeware and shareware software, spam e-mail, attachments or Web pages (see accompanying article, Surf Safely). Most general antivirus programs, even those that claim to wipe out spyware, are rarely totally effective because this breed of pest is unique and requires special attention. Spyware bugs are often parasites attached to legitimate programs; this makes them appear to the antivirus product more like a normal program and thus avoid detection. In addition, unlike virus writers who earn nothing but scorn for their efforts--and often go to jail if they are caught--spyware writers are well compensated for their skills by illicit marketing firms and so are among the best and brightest programmers. INFECTION SYMPTOMS How do you know if your computer is infected? Often you don't. The most effective spyware programs display no symptoms, so the computer user is unaware dirty tricks are being secretly perpetrated while the machine is running. Less-sophisticated spyware, however, causes various symptoms. The most common are persistent pop-ups that appear even when you aren't surfing the Internet or are unrelated to the content you are browsing. Other symptoms include sluggish computer performance, unauthorized changes to your Internet browserg default home page, the sudden appearance of new browser toolbars and even random crashes. In addition, dial-up Internet users may suddenly discover unidentified 900-number telephone toll charges caused by spyware programs known as dialers. The only sure way to discover whether your computer is infected, and to thoroughly cleanse it, is to run an antispyware product. Such software doesn't just scan your hard disk; it also checks the Windows registry (that's the control center of an operating system) and examines each background application. If a bug is identified, the software usually gives you three options: ignore it (in the event you recognize what you found isn't really spyware), quarantine it (if you're not sure what it is and want to cordon it off for safety) or delete it. If you search the Internet for anttspyware software products, you'll find scores of links for products whose prices range from free to hundreds of dollars. Many cost less than $50. Most that carry a price tag offer users time-limited evaluation copies; a few are free, but they lack the more powerful extras of the products you pay for. If you're wondering why an antispyware publisher would offer its product not only without an evaluation time limit but at no cost, consider this: If users like the free product, they are apt to pay for the upgraded personal version; in some instances, they will recommend that their employers buy the much more expensive enterprise edition for the whole company So, ironically, they too use software as a marketing tool--but without malicious furtiveness. …