When you go online, don't assume that your privacy is secure. Prying eyes often follow your activity, and your personal information, with a pervasive form of malicious software called spyware. In fact, it's one of the oldest and most widespread threats on the Internet, secretly infecting your computer without permission in order to initiate a variety of illegal activities. It's easy to fall prey to and can be hard to get rid of, especially since you're most likely not even aware of it. But relax; we've got your back with all you need to know about what spyware is, how you get it, what it tries to do to you, how to deal with it, and what to do to avoid future spyware attacks.
Spyware. Although it sounds like a James Bond gadget, it’s actually a generic term for malicious software that infects your PC or mobile device and gathers information about you, your browsing and Internet usage habits, as well as other data.
No big surprise—spyware is sneaky, usually finding its way onto your computer without your knowledge or permission, attaching itself to your operating system, and maintaining a presence on your PC. You might even have inadvertently given permission for the spyware to install itself by agreeing to the terms and conditions of a seemingly legitimate program you downloaded without reading the fine print.
But no matter how spyware invades your PC, it runs quietly in the background, collecting information or monitoring your activities in order to trigger malicious activities related to your computer and how you use it. That includes capturing keystrokes, screenshots, authentication credentials, personal email addresses, web form data, Internet usage information, and other personal information, such as credit card numbers.
And even if you discover its unwelcome presence on your system, it does not come with an easy uninstall feature.
Spyware can infect your system in the same ways that any other malware does, by means of a Trojan, a virus, worm, exploit, and other types of malware. Here are a few of spyware’s main techniques to infect your PC or mobile device:
“Mobile spyware has been around since mobile devices became mainstream.”
In most cases, the functionality of any spyware threat depends on the intentions of its authors. For example, some typical functions designed into spyware include the following:
Public references to the term “spyware” date back to late 1996, when it appeared in an industry article. By 1999, it was used in an industry press release, described as we define it today. The term was an instant hit in the mass media and among its audiences. Soon after, in June 2000, the first anti-spyware application was released.
In October 2004, America Online and the National Cyber-Security Alliance performed a survey. The result was startling. About 80% of all Internet users had their systems affected by spyware, about 93% of spyware components were present in each of the computers, and 89% of the computer users were unaware of their existence. Out of the affected parties, almost all, about 95%, confessed that they never granted permission to install them.
At present, and in general, the Windows operating system is the favored target of spyware applications, thanks to its widespread use. However, in recent years spyware developers have also turned their attention to the Apple platform, as well as to mobile devices.
Spyware authors have historically concentrated on the Windows platform because of its large user base when compared to the Mac. However, the industry saw a big jump in Mac malware in 2017, the majority of which is spyware. Although spyware authored for the Mac behaves similarly to the Windows variety, most of the Mac spyware attacks are either password stealers or general-purpose backdoors. In the latter category, the spyware’s malicious intent includes remote code execution, keylogging, screen captures, arbitrary file uploads and downloads, password phishing, and so on.
In addition to malicious spyware, there's also so-called "legitimate" spyware for Macs. This software is actually sold by a real company, from a real website, usually with the stated goal of monitoring children or employees. Of course, such software is a two-edged sword, as it’s very often misused, providing the average user with a way of accessing spyware capabilities without needing any special knowledge.
Mobile spyware hides undetected in the background (creating no shortcut icon) on a mobile device and steals information such as incoming/outgoing SMS messages, incoming/outgoing call logs, contact lists, emails, browser history, and photos. Mobile spyware can also potentially log your keystrokes, record anything within the distance of your device’s microphone, secretly take pictures in the background, and track your device’s location using GPS. In some cases, spyware apps can even control devices via commands sent by SMS messages and/or remote servers. The spyware can send your stolen information via data transfer to a remote server or through email.
Also, it's not just consumers that mobile spyware criminals target. If you use your smartphone or tablet in the workplace, hackers can turn their attack on your employer's organization through vulnerabilities in mobile devices. Moreover, your corporation’s incident response team may not detect breaches that originate through a mobile device.
Spyware breaches on smartphones commonly occur in three ways:
Unlike some other types of malware, spyware authors do not really target specific groups or people. Instead, most spyware attacks cast a wide net to collect as many potential victims as possible. And that makes everyone a spyware target, as even the slightest bit of information might find a buyer.
For instance, spammers will buy email addresses and passwords in order to support malicious spam or other forms of impersonation. Spyware attacks on financial information can drain bank accounts, or can support other forms of fraud using legitimate bank accounts.
Information obtained through stolen documents, pictures, video, or other digital items can even be used for extortion purposes.
So, at the end of the day, no one is immune from spyware attacks, and attackers usually care little about whom they are infecting, as opposed to what they are after.
If your spyware infection is working as designed, it will be invisible unless you’re technically savvy enough to know exactly where to look. You could be infected and never know. But if you suspect spyware, the first order of business is to make sure your system has been cleaned of any infection so that new passwords are not compromised. Get yourself a robust cybersecurity program with a reputation for aggressive spyware removal technology. Aggressive spyware removal thoroughly cleans up spyware artifacts and repairs altered files/settings.
After you have cleaned your system, think about contacting your financial institutions to warn of potential fraudulent activity. Depending on the compromised information on your infected machine, and especially if it is connected to a business or enterprise, you may be required by law to report breaches to law enforcement and/or make a public disclosure. If the information is sensitive in nature, or involves the collection and transmission of images, audio, and/or video, you should contact local law-enforcement authorities to report potential violations of federal and state laws.
One last thing: Many purveyors of identity theft protection advertise their services to monitor for fraudulent transactions, or to place a freeze on your credit account to prevent any form of activity. Activating a credit freeze is definitely a good idea. However, Malwarebytes advises against purchasing identity theft protection.
The best defense against spyware, as with most malware, starts with your behavior. Follow these basics of good cyber self-defense:
But as people have gotten smarter about cyber self-defense, hackers have turned to more sophisticated spyware delivery methods, so installing a reputable cybersecurity program is necessary to counter advanced spyware.
Look for cybersecurity that includes real-time protection. Real-time protection automatically blocks spyware and other threats before they can activate on your computer. Some traditional cybersecurity or antivirus products rely heavily on signature-based technology—these products can be easily circumvented, especially by new threats.
You should also look out for features that block the delivery of spyware itself on your machine, such as anti-exploit technology and malicious website protection, which blocks websites that host spyware. The premium version of Malwarebytes has a solid reputation for spyware protection.
Digital life comes with ubiquitous dangers in the daily online landscape. Fortunately, there are straightforward and effective ways to protect yourself. Between a cybersecurity suite and commonsense precautions, you should be able to keep every machine you use free from spyware invasions and their malicious intent.