logging in or signing up SPYWAREpresentation mitalinarwani Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 19 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: September 17, 2010 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript SPYWARE : SPYWARE “A good defense starts with a thorough understanding of your opponent’s offense.” SPY-WARE : SPY-WARE SPYWARE the word is a conjunction of two words- Spy and Software. SPY- “noun (plural spies) a person who secretly collects information on an enemy or competitor: verb (spies, spying, spied) 1 be a spy. 2 (spy on) watch secretly 3 see or notice.” SOFTWARE- “(noun) programs and other operating information used by a computer.” WHAT IS SPYWARE? : WHAT IS SPYWARE? Spyware is computer software that collects personal information about users without their informed consent. The term “spyware” has been applied to everything from keystroke loggers, advertising applications that track users’ web browsing, web cookies, to programs designed to help provide security patches directly to users. General categories of applications described as SPYWARE: : General categories of applications described as SPYWARE: SPYWARE ADWARE LEGITIMATE SOFTWARE SPYWARE : SPYWARE Sometimes called “snoopware”, are typically stand-alone programs installed intentionally by one user onto a computer used by others. Some capture all keystrokes and record periodic screen shots, while others are more focused, just grabbing websites visited or suspected passwords. These programs have legal uses (e.g. for certain narrow kinds of employee monitoring) as well as many clearly illegal ones. ADWARE : ADWARE Applications that install themselves covertly through “drive-by downloads” or by piggybacking on other applications and track users’ behaviors and take advantage of their Internet connection. These programs start-up on their own and make unauthorized use of users’ computers and Internet connections, in many cases transmitting information about the user or it’s computer back to a central location. They often resist uninstallation and usually do not capture keystrokes or screenshots. LEGITIMATE SOFTWARE : LEGITIMATE SOFTWARE These include programs based on legitimate business models that incorporate features with flawed user privacy protections. Generally, the problem relates to the unnecessary inclusion or inappropriate use of a unique program ID, which creates the potential for user tracking. PLEASE NOTE : PLEASE NOTE The lines between the three categories we present can be fuzzy and it is sometimes difficult to tell which group any given application rightfully belongs in. Also, it is in the first two cases that the spyware label is the most appropriate. In the third case, it is not. What do Spyware and Adware applications do ? : What do Spyware and Adware applications do ? Spyware may collect different types of information. Some variants attempt to track the websites a user visits and then send this to an advertising agency. More malicious variants attempt to intercept passwords or credit card numbers as a user enters them into a web form or other applications. Purposes range from overtly criminal (theft of passwords and financial details) to the merely annoying (recording Internet search history for targeted advertising, while consuming computer resources) Slide 10: These programs can change the appearance of websites, modify users’ “start” and “search” pages in their browsers or change low level system settings. They are often responsible for significant reductions in computer performance and system stability. Even in cases where these programs transmit no personally identifiable information, their hidden, unauthorized use of users’ computers and Internet connections threatens the security of computers and the integrity of online communications. Slide 11: While many spyware programs piggyback on other applications or trick users into authorizing installations through deceptive browser pop-ups, some spread themselves by exploiting security vulnerabilities in email attachments or browsers. Furthermore, many of these programs create major new security vulnerabilities by including capabilities to automatically download and install additional pieces of code without notifying users or asking for their consent Slide 12: Unfortunately, the story doesn’t end here. Even though the problems described above are cause for general security concern, what is more alarming is illegal use of these programs. What is even worse, many of these programs are intentionally created for that purpose only! For example… The TROJAN HORSE- SubSeven : The TROJAN HORSE- SubSeven What is a Trojan Horse? In the context of computer software, a Trojan horse is a program that contains or installs a malicious program (sometimes called the payload or 'trojan') on your computer. Trojan horse programs cannot operate autonomously, in contrast to some other types of malware, like viruses or worms. The TROJAN HORSE- SubSeven : The Trojan Horse SubSeven is made only for one purpose – gathering information from victims. Once installed on your machine, it gives hacker almost unlimited access of your computer. Not only that it captures keystrokes and screenshots but it gives hacker full access to all your drives and files, e-mails, ability to use your computer as a bridge to other hacking activities, disable your keyboard and mouse All personal data is compromised. The TROJAN HORSE- SubSeven The TROJAN HORSE- SubSeven : Now, once the hacker has all your friends’ e-mail addresses, he can easily spread his spyware software to them too! All he has to do is send an e-mail signed by you to them from your own account (he has access to that too) and attach the Trojan to it. This is the most commonly used way to spread spyware, adware and viruses. Beside hackers, many companies are also gathering private information from users using their software. The TROJAN HORSE- SubSeven Other Examples of Spyware:- : Other Examples of Spyware:- 1. Invisible Key Logger Stealth: Queens’s resident Ju Ju Jiang admitted to installing a key logger called Invisible Key Logger Stealth (IKS) on public computers at 13 Kinko’s stores in New York. Jiang acquired over 450 banking passwords and usernames from customers who used the public computers. She used the stolen financial information to open new bank accounts and then transfer money from legitimate accounts into her new accounts. Slide 17: 2. ALTNET: Another category of spyware consists of programs that do not represent an immediate privacy threat because they do not collect user information, but still hijack the user’s computer and Internet connection for their own purposes. The most prominent recent example is “Altnet.” Slide 18: In April 2003, it was discovered that software with undisclosed networking capabilities was being bundled with the then popular Kazaa Media Desktop. Installing the Kazaa file-sharing program also installed a companion program, “Altnet” created by a company called Brilliant Digital Entertainment (BDE). Through Altnet, BDE had the ability to activate the user’s computer as a node in a distributed storage and computing network distinct from Kazaa’s existing peer-to-peer network. Slide 19: 3. CoolWebSearch: A group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results. Slide 20: 4. Internet Optimizer: Also known as DyFuCa. Redirects Internet Explorer error pages to advertising i.e., when users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, Internet Optimizer makes it impossible for the user to access password-protected sites. Slide 21: 5. 180 Solutions: 180 Solutions (now Zango) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies. HOW CAN I GET “INFECTED” WITH SPYWARE? : HOW CAN I GET “INFECTED” WITH SPYWARE? Spyware and Adware can be acquired: When you unknowingly give your permission while downloading/installing applications. During a peer-to-peer (P2P) file transfer or software download. When you click on a deceptive or confusing pop-up. HOW CAN I GET “INFECTED” WITH SPYWARE? : HOW CAN I GET “INFECTED” WITH SPYWARE? When you install insecure shareware/freeware and P2P applications. When you open e-mails you’re not sure are legitimate (spam mail). When simply visiting certain Web sites. When you accept and receive files when chatting on-line with persons you personally do not know Users’ unintentional permission: : Users’ unintentional permission: During an installation process you are asked to choose whether you wish to install an additional software as well. Features of such additional software are usually not completely described or their real purpose is hidden somewhere in long description, usually in form of a note. But, no matter what the case is, creators of such installation packages count on your thoughtless and unawareness, and hope that you will not pay necessary attention to such notices or will not notice them at all) and will permit installation of additional spyware software. Slide 25: Moreover, those additionally installed applications are not presented in Add/Remove Programs (in Windows) and have no visible screens while running user may never know about them! Also, when uninstalling main applications, these additional applications remain on users’ computer. P2P file transfer or software download: : P2P file transfer or software download: NOTE- By using P2P (peer to peer) software, you already crossed half the way to get infected by adware/spyware application! You can never know the real content of the files you download, especially if you’re downloading executables i.e., there is no guarantee that downloaded .exe file will do only what its’ description says. In many cases, executables contain spyware/adware which are installed on your machine first time you run it. Some applications only carry spyware/adware applications, while other are altered and are spyware/adware itself. Deceptive or confusing pop-ups: : Deceptive or confusing pop-ups: Some pop-up screens don’t actually deliver advertisements but install unwanted software on your system and change your system configurations. NOTE- These pop-ups can be very clever. Instead of “To install this program, click Yes,” the prompt unexpectedly reads, “To install this program, click No.” Later, you may find that the computer now displays new bookmarks and a different home page as well as having unwanted software installed. Example -1 of deceptive POP UPS: : Example -1 of deceptive POP UPS: Example -2 of deceptive POP UPS: : Example -2 of deceptive POP UPS: Shareware – freeware – P2P software: : Shareware – freeware – P2P software: Shareware: Shareware is a marketing method for computer software. Software is typically obtained free of charge, either by downloading from the Internet or on magazine cover-disks. A user tries out the program, and thus shareware has also been known as "try before you buy". A shareware program is accompanied by a request for payment, and the software's distribution license often requires such a payment Shareware – freeware – P2P software: : Shareware – freeware – P2P software: Freeware: Freeware is copyrighted computer software which is made available for use free of charge, for an unlimited time, as opposed to shareware where the user is required to pay (e.g. after some trial period). P2P networks: P2P networks are typically used for connecting nodes via large connections. Such networks are useful for many purposes. Sharing content files containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also passed using P2P technology. Slide 32: There are well over 800 shareware-freeware which also include adware and spyware and the numbers of web sites that include these types of installers is impossible to calculate. These Freeware and Shareware applications are located all over the internet as “Easy downloads”. They can be found on CNet, Tucows and hundreds of other locations offering free & low cost bargains. Slide 33: Most of these products make no real statement that they include adware or spyware and if they do it is buried in the "terms of use“. The known third-party applications bundled with these downloads include Cydoor, TopText, Onflow, Webhancer, BonziBuddy, ClickTillUWin, and New.net in addition to Trojans and viruses such as the self replicating Nimda virus. Opening insecure e-mails: : Opening insecure e-mails: Many spyware / adware applications are being distributed through e-mail. Content of such mails can vary – from the ones informing you that you won a free trip to some famous tourist destination to those that contain no text at all but only suspicious attachment. When you open such e-mail, usually silent installation process that installs spyware on your computer is started. Visit to certain Web sites: : Visit to certain Web sites: Some Spyware is secretly downloaded when you launch a program acquired from a Web site: For example, a pop-up may notify you that a special plug-in is required to run a video or movie file. In this case, what appears to be a legitimate plug-in could actually be spyware. Some spyware takes advantage of known vulnerabilities in the Microsoft® Windows operating system and Internet Explorer browser to secretly place spyware your computer. Slide 36: Another method bypasses the security settings altogether by exploiting a bug in Internet Explorer versions 4 and 5. These versions allow Web scripts to gain access to a hard drive by overflowing the browser with data. Malicious webmasters use this exploit to install spyware or modify the way the browser works. Accepting files while chatting on-line: : Accepting files while chatting on-line: NOTE- Chat sites are probably one of the primary places that hackers’ activity takes place. In many cases, when chatting with persons you don’t know face to face, be sure to double check all files received. You would be amazed with number of users that got infected simply by accepting and running files from persons they met in chatroom! For example, if your “friend” offers you to send his photo, be sure that file you received doesn’t have double extensions (like .jpg.exe or similar) – in such cases you can be sure that file is spyware. HOW CAN I KNOW THAT SPYWARE IS INSTALLED ON MY COMPUTER? : HOW CAN I KNOW THAT SPYWARE IS INSTALLED ON MY COMPUTER? Generally, if you notice anything strange going on with your computer (strange pop-ups, different home page in your Web browser, new icons…) it is highly possible that your computer is infected with spyware/adware application! Following is a short list of the most common signs that you can notice if you have Spyware application installed on your computer:- Slide 39: You find a new finger-size hardware device connected between your keyboard cable’s plug and the corresponding socket on the back of your computer. Or maybe someone recently offered you “a better keyboard.” Your phone bill includes expensive calls to 900 numbers that you never made—probably at an outrageous per-minute rate! Slide 40: You enter a search term in Internet Explorer’s address bar and press Enter to start the search. Instead of your usual search site, an unfamiliar site handles the search. Your antispyware program or another protective program stops working correctly. It may warn you that certain necessary support files are missing, but if you restore the files they go missing again. It may appear to launch normally and then spontaneously shut down, or it may simply crash whenever you try to run it. Slide 41: A new item appears in your Favorites list without you putting it there. No matter how many times you delete it, the item always reappears there later! Your system runs noticeably slower than it did before. If you’re a Windows 2000/XP user, launching the Task Manager and clicking the Processes tab reveals that an unfamiliar process is using nearly 100 percent of available CPU cycles. Slide 42: When you start your browser, the home page has changed to something undesirable. You change it back manually, but soon you find that it has changed back again. You get pop-up advertisements when your browser is not running or when your system is not even connected to the Internet, or you get pop-up ads that address you by name. Slide 43: A search toolbar or other browser toolbar appears even though you didn’t request or install it. Your attempts to remove it fail, or it comes back after removal. Large numbers of such toolbars indicate spyware presence… : Large numbers of such toolbars indicate spyware presence… Slide 45: And the final sign is: Everything appears to be normal. The most devious spyware doesn’t leave traces you’d notice, so scan your system anyway! HOW CAN I PROTECT MYSELF FROM SPYWARE? : HOW CAN I PROTECT MYSELF FROM SPYWARE? As we’ve already mentioned the more you know about spyware and adware the better protection you have – Knowledge is power. Here we give few steps that you should follow in order to protect yourself from spyware:- Slide 47: Make sure to install and run an antispyware application: Perform on-demand scans regularly to root out spyware that slips through the cracks. Reboot after removal and rescan to make sure no ticklers, which are designed to reinstall spyware. Furthermore, be sure to activate real-time blocking abilities of your antispyware application. Regularly update your antispyware application – check for available updates at least once a week. Slide 48: Give your antispyware application some backup: In addition to an antispyware application, make sure to run both software and hardware firewalls and antivirus applications to protect yourself against Trojan horses and viruses. Zone Labs’ ZoneAlarm or Symantec AntiVirus and Internet security should do the job. Slide 49: Beware of peer-to-peer file-sharing services: Many of the most popular applications include spyware in their installation procedures. Avoid download of executables via P2P as you can never be sure of what they actually are. Watch out for cookies: Information gathered via cookies can sometimes be matched with information gathered elsewhere (via Web bugs, for example) to provide surprisingly detailed profiles of you and your browsing habits. Slide 50: Squash bugs: Web bugs are spies that are activated when you open contaminated HTML e-mail. So, get rid of unsolicited e-mail without reading it when you can; turn off the preview pane to delete messages without opening them. Protect yourself against drive-by downloads: Basically, make sure your browser settings are stringent enough to protect you. For Internet Explorer, this means your security settings for the Internet Zone should be at least medium. Slide 51: Do not open e-mails whose senders you don’t know: Even if you open such e-mail, be sure not to download (or open) any attachments. Be sure to thoroughly read all information included in the email if you do open it. When receiving files from someone (even if you know the person) run antispyware and anti-virus check on those files. Slide 52: Keep up to date on the ever-changing world of spyware! Knowing the threat will help you defeat it. There are several great sites you can visit to keep abreast of this issue: PestPatrol’s Research Center has one of the most comprehensive lists of spyware and related threats. Spyware info is another good online source of information. Best spyware remover is also great site Slide 53: Understand and communicate the risk to everyone in your home: If you are a parent, educate your kids about avoiding spyware as part of Internet safety. Use the auto-update features of your anti-virus or anti-spyware software: Set up automated scans to occur on a weekly basis and scan incoming e-mails as they arrive. Make use of Microsoft Windows Update, which provides critical updates, security fixes, and software downloads to keep Windows patched and current. NOTABLE PROGRAMS DISTRIBUTED WITH SPYWARE: : NOTABLE PROGRAMS DISTRIBUTED WITH SPYWARE: BearShare Bonzi Buddy Dope Wars ErrorGuard Grokster Kazaa Morpheus EDonkey2000 FINAL WORDS : FINAL WORDS We hope that we supplied enough information to give you proper knowledge to build a good defense against spyware. We explained you why spyware pose huge security and privacy threats, what does spyware do on your computer, how can you get infected with it and, finally, how you can successfully fight against it. Knowledge is power and by learning about spyware one can make the first step. But do not stop here! We cannot give you complete knowledge nor teach you how to protect yourself from all spyware / adware. Keep informing yourself in time to come – only that way you will guarantee your own privacy. PREPARED BY: : PREPARED BY: You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
SPYWAREpresentation mitalinarwani Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 19 Category: Science & Tech.. License: All Rights Reserved Like it (0) Dislike it (0) Added: September 17, 2010 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript SPYWARE : SPYWARE “A good defense starts with a thorough understanding of your opponent’s offense.” SPY-WARE : SPY-WARE SPYWARE the word is a conjunction of two words- Spy and Software. SPY- “noun (plural spies) a person who secretly collects information on an enemy or competitor: verb (spies, spying, spied) 1 be a spy. 2 (spy on) watch secretly 3 see or notice.” SOFTWARE- “(noun) programs and other operating information used by a computer.” WHAT IS SPYWARE? : WHAT IS SPYWARE? Spyware is computer software that collects personal information about users without their informed consent. The term “spyware” has been applied to everything from keystroke loggers, advertising applications that track users’ web browsing, web cookies, to programs designed to help provide security patches directly to users. General categories of applications described as SPYWARE: : General categories of applications described as SPYWARE: SPYWARE ADWARE LEGITIMATE SOFTWARE SPYWARE : SPYWARE Sometimes called “snoopware”, are typically stand-alone programs installed intentionally by one user onto a computer used by others. Some capture all keystrokes and record periodic screen shots, while others are more focused, just grabbing websites visited or suspected passwords. These programs have legal uses (e.g. for certain narrow kinds of employee monitoring) as well as many clearly illegal ones. ADWARE : ADWARE Applications that install themselves covertly through “drive-by downloads” or by piggybacking on other applications and track users’ behaviors and take advantage of their Internet connection. These programs start-up on their own and make unauthorized use of users’ computers and Internet connections, in many cases transmitting information about the user or it’s computer back to a central location. They often resist uninstallation and usually do not capture keystrokes or screenshots. LEGITIMATE SOFTWARE : LEGITIMATE SOFTWARE These include programs based on legitimate business models that incorporate features with flawed user privacy protections. Generally, the problem relates to the unnecessary inclusion or inappropriate use of a unique program ID, which creates the potential for user tracking. PLEASE NOTE : PLEASE NOTE The lines between the three categories we present can be fuzzy and it is sometimes difficult to tell which group any given application rightfully belongs in. Also, it is in the first two cases that the spyware label is the most appropriate. In the third case, it is not. What do Spyware and Adware applications do ? : What do Spyware and Adware applications do ? Spyware may collect different types of information. Some variants attempt to track the websites a user visits and then send this to an advertising agency. More malicious variants attempt to intercept passwords or credit card numbers as a user enters them into a web form or other applications. Purposes range from overtly criminal (theft of passwords and financial details) to the merely annoying (recording Internet search history for targeted advertising, while consuming computer resources) Slide 10: These programs can change the appearance of websites, modify users’ “start” and “search” pages in their browsers or change low level system settings. They are often responsible for significant reductions in computer performance and system stability. Even in cases where these programs transmit no personally identifiable information, their hidden, unauthorized use of users’ computers and Internet connections threatens the security of computers and the integrity of online communications. Slide 11: While many spyware programs piggyback on other applications or trick users into authorizing installations through deceptive browser pop-ups, some spread themselves by exploiting security vulnerabilities in email attachments or browsers. Furthermore, many of these programs create major new security vulnerabilities by including capabilities to automatically download and install additional pieces of code without notifying users or asking for their consent Slide 12: Unfortunately, the story doesn’t end here. Even though the problems described above are cause for general security concern, what is more alarming is illegal use of these programs. What is even worse, many of these programs are intentionally created for that purpose only! For example… The TROJAN HORSE- SubSeven : The TROJAN HORSE- SubSeven What is a Trojan Horse? In the context of computer software, a Trojan horse is a program that contains or installs a malicious program (sometimes called the payload or 'trojan') on your computer. Trojan horse programs cannot operate autonomously, in contrast to some other types of malware, like viruses or worms. The TROJAN HORSE- SubSeven : The Trojan Horse SubSeven is made only for one purpose – gathering information from victims. Once installed on your machine, it gives hacker almost unlimited access of your computer. Not only that it captures keystrokes and screenshots but it gives hacker full access to all your drives and files, e-mails, ability to use your computer as a bridge to other hacking activities, disable your keyboard and mouse All personal data is compromised. The TROJAN HORSE- SubSeven The TROJAN HORSE- SubSeven : Now, once the hacker has all your friends’ e-mail addresses, he can easily spread his spyware software to them too! All he has to do is send an e-mail signed by you to them from your own account (he has access to that too) and attach the Trojan to it. This is the most commonly used way to spread spyware, adware and viruses. Beside hackers, many companies are also gathering private information from users using their software. The TROJAN HORSE- SubSeven Other Examples of Spyware:- : Other Examples of Spyware:- 1. Invisible Key Logger Stealth: Queens’s resident Ju Ju Jiang admitted to installing a key logger called Invisible Key Logger Stealth (IKS) on public computers at 13 Kinko’s stores in New York. Jiang acquired over 450 banking passwords and usernames from customers who used the public computers. She used the stolen financial information to open new bank accounts and then transfer money from legitimate accounts into her new accounts. Slide 17: 2. ALTNET: Another category of spyware consists of programs that do not represent an immediate privacy threat because they do not collect user information, but still hijack the user’s computer and Internet connection for their own purposes. The most prominent recent example is “Altnet.” Slide 18: In April 2003, it was discovered that software with undisclosed networking capabilities was being bundled with the then popular Kazaa Media Desktop. Installing the Kazaa file-sharing program also installed a companion program, “Altnet” created by a company called Brilliant Digital Entertainment (BDE). Through Altnet, BDE had the ability to activate the user’s computer as a node in a distributed storage and computing network distinct from Kazaa’s existing peer-to-peer network. Slide 19: 3. CoolWebSearch: A group of programs, takes advantage of Internet Explorer vulnerabilities. The package directs traffic to advertisements on Web sites including coolwebsearch.com. It displays pop-up ads, rewrites search engine results. Slide 20: 4. Internet Optimizer: Also known as DyFuCa. Redirects Internet Explorer error pages to advertising i.e., when users follow a broken link or enter an erroneous URL, they see a page of advertisements. However, Internet Optimizer makes it impossible for the user to access password-protected sites. Slide 21: 5. 180 Solutions: 180 Solutions (now Zango) transmits detailed information to advertisers about the Web sites which users visit. It also alters HTTP requests for affiliate advertisements linked from a Web site, so that the advertisements make unearned profit for the 180 Solutions company. It opens pop-up ads that cover over the Web sites of competing companies. HOW CAN I GET “INFECTED” WITH SPYWARE? : HOW CAN I GET “INFECTED” WITH SPYWARE? Spyware and Adware can be acquired: When you unknowingly give your permission while downloading/installing applications. During a peer-to-peer (P2P) file transfer or software download. When you click on a deceptive or confusing pop-up. HOW CAN I GET “INFECTED” WITH SPYWARE? : HOW CAN I GET “INFECTED” WITH SPYWARE? When you install insecure shareware/freeware and P2P applications. When you open e-mails you’re not sure are legitimate (spam mail). When simply visiting certain Web sites. When you accept and receive files when chatting on-line with persons you personally do not know Users’ unintentional permission: : Users’ unintentional permission: During an installation process you are asked to choose whether you wish to install an additional software as well. Features of such additional software are usually not completely described or their real purpose is hidden somewhere in long description, usually in form of a note. But, no matter what the case is, creators of such installation packages count on your thoughtless and unawareness, and hope that you will not pay necessary attention to such notices or will not notice them at all) and will permit installation of additional spyware software. Slide 25: Moreover, those additionally installed applications are not presented in Add/Remove Programs (in Windows) and have no visible screens while running user may never know about them! Also, when uninstalling main applications, these additional applications remain on users’ computer. P2P file transfer or software download: : P2P file transfer or software download: NOTE- By using P2P (peer to peer) software, you already crossed half the way to get infected by adware/spyware application! You can never know the real content of the files you download, especially if you’re downloading executables i.e., there is no guarantee that downloaded .exe file will do only what its’ description says. In many cases, executables contain spyware/adware which are installed on your machine first time you run it. Some applications only carry spyware/adware applications, while other are altered and are spyware/adware itself. Deceptive or confusing pop-ups: : Deceptive or confusing pop-ups: Some pop-up screens don’t actually deliver advertisements but install unwanted software on your system and change your system configurations. NOTE- These pop-ups can be very clever. Instead of “To install this program, click Yes,” the prompt unexpectedly reads, “To install this program, click No.” Later, you may find that the computer now displays new bookmarks and a different home page as well as having unwanted software installed. Example -1 of deceptive POP UPS: : Example -1 of deceptive POP UPS: Example -2 of deceptive POP UPS: : Example -2 of deceptive POP UPS: Shareware – freeware – P2P software: : Shareware – freeware – P2P software: Shareware: Shareware is a marketing method for computer software. Software is typically obtained free of charge, either by downloading from the Internet or on magazine cover-disks. A user tries out the program, and thus shareware has also been known as "try before you buy". A shareware program is accompanied by a request for payment, and the software's distribution license often requires such a payment Shareware – freeware – P2P software: : Shareware – freeware – P2P software: Freeware: Freeware is copyrighted computer software which is made available for use free of charge, for an unlimited time, as opposed to shareware where the user is required to pay (e.g. after some trial period). P2P networks: P2P networks are typically used for connecting nodes via large connections. Such networks are useful for many purposes. Sharing content files containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also passed using P2P technology. Slide 32: There are well over 800 shareware-freeware which also include adware and spyware and the numbers of web sites that include these types of installers is impossible to calculate. These Freeware and Shareware applications are located all over the internet as “Easy downloads”. They can be found on CNet, Tucows and hundreds of other locations offering free & low cost bargains. Slide 33: Most of these products make no real statement that they include adware or spyware and if they do it is buried in the "terms of use“. The known third-party applications bundled with these downloads include Cydoor, TopText, Onflow, Webhancer, BonziBuddy, ClickTillUWin, and New.net in addition to Trojans and viruses such as the self replicating Nimda virus. Opening insecure e-mails: : Opening insecure e-mails: Many spyware / adware applications are being distributed through e-mail. Content of such mails can vary – from the ones informing you that you won a free trip to some famous tourist destination to those that contain no text at all but only suspicious attachment. When you open such e-mail, usually silent installation process that installs spyware on your computer is started. Visit to certain Web sites: : Visit to certain Web sites: Some Spyware is secretly downloaded when you launch a program acquired from a Web site: For example, a pop-up may notify you that a special plug-in is required to run a video or movie file. In this case, what appears to be a legitimate plug-in could actually be spyware. Some spyware takes advantage of known vulnerabilities in the Microsoft® Windows operating system and Internet Explorer browser to secretly place spyware your computer. Slide 36: Another method bypasses the security settings altogether by exploiting a bug in Internet Explorer versions 4 and 5. These versions allow Web scripts to gain access to a hard drive by overflowing the browser with data. Malicious webmasters use this exploit to install spyware or modify the way the browser works. Accepting files while chatting on-line: : Accepting files while chatting on-line: NOTE- Chat sites are probably one of the primary places that hackers’ activity takes place. In many cases, when chatting with persons you don’t know face to face, be sure to double check all files received. You would be amazed with number of users that got infected simply by accepting and running files from persons they met in chatroom! For example, if your “friend” offers you to send his photo, be sure that file you received doesn’t have double extensions (like .jpg.exe or similar) – in such cases you can be sure that file is spyware. HOW CAN I KNOW THAT SPYWARE IS INSTALLED ON MY COMPUTER? : HOW CAN I KNOW THAT SPYWARE IS INSTALLED ON MY COMPUTER? Generally, if you notice anything strange going on with your computer (strange pop-ups, different home page in your Web browser, new icons…) it is highly possible that your computer is infected with spyware/adware application! Following is a short list of the most common signs that you can notice if you have Spyware application installed on your computer:- Slide 39: You find a new finger-size hardware device connected between your keyboard cable’s plug and the corresponding socket on the back of your computer. Or maybe someone recently offered you “a better keyboard.” Your phone bill includes expensive calls to 900 numbers that you never made—probably at an outrageous per-minute rate! Slide 40: You enter a search term in Internet Explorer’s address bar and press Enter to start the search. Instead of your usual search site, an unfamiliar site handles the search. Your antispyware program or another protective program stops working correctly. It may warn you that certain necessary support files are missing, but if you restore the files they go missing again. It may appear to launch normally and then spontaneously shut down, or it may simply crash whenever you try to run it. Slide 41: A new item appears in your Favorites list without you putting it there. No matter how many times you delete it, the item always reappears there later! Your system runs noticeably slower than it did before. If you’re a Windows 2000/XP user, launching the Task Manager and clicking the Processes tab reveals that an unfamiliar process is using nearly 100 percent of available CPU cycles. Slide 42: When you start your browser, the home page has changed to something undesirable. You change it back manually, but soon you find that it has changed back again. You get pop-up advertisements when your browser is not running or when your system is not even connected to the Internet, or you get pop-up ads that address you by name. Slide 43: A search toolbar or other browser toolbar appears even though you didn’t request or install it. Your attempts to remove it fail, or it comes back after removal. Large numbers of such toolbars indicate spyware presence… : Large numbers of such toolbars indicate spyware presence… Slide 45: And the final sign is: Everything appears to be normal. The most devious spyware doesn’t leave traces you’d notice, so scan your system anyway! HOW CAN I PROTECT MYSELF FROM SPYWARE? : HOW CAN I PROTECT MYSELF FROM SPYWARE? As we’ve already mentioned the more you know about spyware and adware the better protection you have – Knowledge is power. Here we give few steps that you should follow in order to protect yourself from spyware:- Slide 47: Make sure to install and run an antispyware application: Perform on-demand scans regularly to root out spyware that slips through the cracks. Reboot after removal and rescan to make sure no ticklers, which are designed to reinstall spyware. Furthermore, be sure to activate real-time blocking abilities of your antispyware application. Regularly update your antispyware application – check for available updates at least once a week. Slide 48: Give your antispyware application some backup: In addition to an antispyware application, make sure to run both software and hardware firewalls and antivirus applications to protect yourself against Trojan horses and viruses. Zone Labs’ ZoneAlarm or Symantec AntiVirus and Internet security should do the job. Slide 49: Beware of peer-to-peer file-sharing services: Many of the most popular applications include spyware in their installation procedures. Avoid download of executables via P2P as you can never be sure of what they actually are. Watch out for cookies: Information gathered via cookies can sometimes be matched with information gathered elsewhere (via Web bugs, for example) to provide surprisingly detailed profiles of you and your browsing habits. Slide 50: Squash bugs: Web bugs are spies that are activated when you open contaminated HTML e-mail. So, get rid of unsolicited e-mail without reading it when you can; turn off the preview pane to delete messages without opening them. Protect yourself against drive-by downloads: Basically, make sure your browser settings are stringent enough to protect you. For Internet Explorer, this means your security settings for the Internet Zone should be at least medium. Slide 51: Do not open e-mails whose senders you don’t know: Even if you open such e-mail, be sure not to download (or open) any attachments. Be sure to thoroughly read all information included in the email if you do open it. When receiving files from someone (even if you know the person) run antispyware and anti-virus check on those files. Slide 52: Keep up to date on the ever-changing world of spyware! Knowing the threat will help you defeat it. There are several great sites you can visit to keep abreast of this issue: PestPatrol’s Research Center has one of the most comprehensive lists of spyware and related threats. Spyware info is another good online source of information. Best spyware remover is also great site Slide 53: Understand and communicate the risk to everyone in your home: If you are a parent, educate your kids about avoiding spyware as part of Internet safety. Use the auto-update features of your anti-virus or anti-spyware software: Set up automated scans to occur on a weekly basis and scan incoming e-mails as they arrive. Make use of Microsoft Windows Update, which provides critical updates, security fixes, and software downloads to keep Windows patched and current. NOTABLE PROGRAMS DISTRIBUTED WITH SPYWARE: : NOTABLE PROGRAMS DISTRIBUTED WITH SPYWARE: BearShare Bonzi Buddy Dope Wars ErrorGuard Grokster Kazaa Morpheus EDonkey2000 FINAL WORDS : FINAL WORDS We hope that we supplied enough information to give you proper knowledge to build a good defense against spyware. We explained you why spyware pose huge security and privacy threats, what does spyware do on your computer, how can you get infected with it and, finally, how you can successfully fight against it. Knowledge is power and by learning about spyware one can make the first step. But do not stop here! We cannot give you complete knowledge nor teach you how to protect yourself from all spyware / adware. Keep informing yourself in time to come – only that way you will guarantee your own privacy. PREPARED BY: : PREPARED BY: