WHAT IS SPWARE AND HOW TO STAY SAFE FROM THIS?
Spyware's role is to gather information about a person or business without their knowledge and then transmit it to another entity without the consent of the party concerned, or to take control of a device without their knowledge or his owner. Spyware collects information on browsing habits and Internet usage in particular, and targets a wide range of individuals with the aim of killing as many people as possible.
Mode of propagationTo be successful, spyware must be
installed on a victim's computer without their knowledge. Here is a list of the
most common access points:
Passive downloads: If an
individual clicks on an unknown link or attachment in an email, it can trigger
the download of an executable file. Simply visiting a malicious website and
viewing a page or banner ad can lead to what is known as a “passive download”.
Deceptive Marketing: The
authors of spyware present their programs as downloadable utilities: Internet
accelerator, download manager, hard disk cleaner or alternative Internet search
service. Victims therefore find themselves installing spyware to access the
desired features.
Bundled software: A
really useful software package can also conceal a malicious add-on, extension
or plugin. They advertise themselves as necessary components, but are actually
spyware that remains even after the host application is uninstalled.
Trojans, Worms, and Backdoors: These threats distribute spyware in addition to their primary
malicious intent.
Types of spyware
There are a few recurring issues:
Adware: Displays unwanted
advertising on users' system.
System monitoring software:
Installs on a system with the intention of monitoring all activity, including
key presses or the audio signal from the microphone.
Cookie tracking software:
Send information about user purchasing habits to a consumer data aggregator.
Trojans: Allow a hacker to control
a user's system.
Spyware typically includes the
following functions:
Password thieves: They
are designed to recover passwords from infected systems. These can be
identifiers from web browsers, the root system, or third-party applications.
These passwords are then either stored in a hidden location on the infected
device until a manual transfer request is made, or transferred automatically at
regular intervals.
Bank Trojans: These
applications target financial institutions in order to retrieve protected
credentials. They look for security holes in browsers to modify web pages,
alter the content of transactions, sometimes going so far as to add fake
transactions, while remaining invisible to the user and the host. These special
trojans target many financial institutions, including banks, brokerage firms,
digital wallets and financial portals. Finally, all the information thus
collected is transmitted to remote servers for later use.
Keyloggers: Also
known as system monitors, keyloggers are designed to monitor and record
computer activity: keystrokes, search and web history, communication logs
(including email), and system IDs. In order to more effectively track the source
of important information and better visualize it, keyloggers can also take
screenshots at regular intervals. They can further record and transmit images,
sound and video from devices connected to the infected system. All this
confidential information is then transferred to a remote server for later use.
How to fight spyware?
If functioning properly, spyware
will go unnoticed by most people. However, in case of suspicion of an attack,
the first thing to do is to make sure that the system has been thoroughly
disinfected so that the new passwords are not compromised. A strong
cybersecurity program or dedicated spyware removal service can clean up
artifacts and repair corrupted files or settings.
Once the system has been cleaned,
it is important to contact any institution linked to the pirated data (IT
department, financial institution, etc.) to warn them of possible fraudulent
activity. Depending on the compromised information on the infected machine, and
especially if it is related to a business or business, the law may require that
the violation be reported to law enforcement authorities and / or made public.
How to protect yourself against spyware?
The best defense against spyware,
as against most malware, is in user behavior. However, there are security
devices suitable for both private users and large companies:
Behavior and Awareness: Train
users to recognize emails and attachments from unknown or suspicious senders.
They must learn to be vigilant of hyperlinks, and to always check them before
clicking.
Browser Protection: While
no browser is safe from attack, Internet Explorer, especially any outdated
version, is at much higher risk of spyware infection due to its large user
base. Serious vulnerabilities such as ActiveX for example can thus affect a
very large part of Internet users, who mainly use IE as a browser.
ISP Firewalls and Proxies:
Some ISPs use network firewalls and proxy servers to block access to websites
known to install spyware.
Personal firewalls: These
monitor the flow of information to and from computers on the network and
protect against both spyware and malware.
Why is spyware important?
The threat posed by spyware to
personal and corporate networks is considerable, and the means to combat this
scourge are as essential to network security as anti-virus and anti-spam
devices. The following are the most common spyware problems IT departments deal
with:
·
Loss of productivity
·
Increased support costs
·
Liability for breaches of
privacy
·
Intellectual property
theft
·
(Premature) disclosure of
information
·
Loss of credibility and
damage to brand image
Protecting and combating
spyware should feature prominently in corporate security strategy and deserve
as much attention as efforts against viruses and spam.
Comments
Post a Comment