Where+Does+Spyware+Come+From?

Where Does Spyware Come From?

There are three major ways unsolicited commercial software can make its way on to your machine:

Some freeware programs are ‘bundled’ with parasites, which are installed at the same time.

The P2P file‐sharing programs are notorious for this; in particular, iMesh and Grokster come with countless unwanted add‐ons.

Often if you are careful to read the small print when you install the software it will warn you about this, and it is sometimes possible to opt out.

So it is advisable to always speed read the licence agreement when you install and don’t just click Next‐Next‐Next.

Then again you still can’t be sure they’ll tell you.

Many parasites load using Internet Explorer’s ActiveX installation option.

When a web page includes a link to an ActiveX program, a window will appear asking the user wishes to execute it.

If ‘Yes’ is clicked (Or where IE security settings are set lower than normal it will never even asks), the software is allowed to run and can do anything at all it likes on your computer, including installing parasites.

This is the reason, you should never click

‘Yes’ to a “Do you wish to download and install...” prompt unless you are 100% sure you trust the publisher of the software, which might not be the publisher of the web site you are viewed do read the dialogue box very carefully.

Sometimes sites (or pop‐up ads) try to fool you into clicking ‘Yes’ by stating that the software is necessary to view the site, or opening endless error windows if you click ‘No’, or claiming that the digital certificate on the code means it is safe.

It means no such thing. ‘Microsoft Authenticode’, signed by companies like Verisign, means only that the company that wrote the software is the same as the company whose name appears on the download prompt

Nothing more.

Some of the really sleazy parasites, particularly homepage‐hijackers and diallers, execute by exploiting security holes in Internet Explorer,

Microsoft maintains that ways of getting code to run that are not supposed to be possible, but are due to mistakes in the browser code.

You can do your best to guard against this by ensuring you have the latest updates and patches from Microsoft.

However as can be observed from the number of patches issued by Microsoft.

There are usually a handful of security holes that have not yet been corrected, so you can never be 100% sure you are safe.

One way of reducing your risk of exploitation is to go to :‐

Tools‐>Internet Options‐>Security and set the security level for the Internet Zone to ‘High’.

(If no slider is visible, click ‘Default level to make it appear first.)

Then set the security level for the Trusted Zone to ‘Medium’ and add the sites you use and trust to this zone;

You may need to do this quite often as many badly‐designed sites just won’t work in highsecurity mode.