Dirty Spyware Tricks

If you had a complete knowledge of what most spyware was doing to your ystem, you would never agree to install it. So how does it end up installed on so many PCs? Here are some of the dirty tricks that spyware uses to worm its way onto your system and stay there. (Not all spyware uses every technique.)

1) Hide inside another program’s installer.

You will often see this technique in peer-to-peer programs like Kazaa. Hundreds of “freeware” programs install some form of spyware along with the main application. In some cases the spyware is relatively innocuous, but in others it can crash your system or invade your privacy. The only hint you may see is a short sentence or two in the end user license agreement (EULA) to the effect of “third party software may be installed along with the application.”

2) Use confusing legalese.

The license agreements don’t just come out and say “we’re going to collect information and screw up your browsing” since that wouldn’t get them a lot of customers. Instead, the licenses are full of vague and confusing prose.

3) Keep asking until you say Yes.

This is particularly common with drive-by downloads. Some spyware is delivered by an ActiveX control that tries to load each tim you visit a web page where the spyware is present. As a security measure, the browser will ask if you want to install. If you say No it’s only good until the next web page you load, where you’ll again be asked the question. After a few pages of this, some people will give up and say Yes. (A better move would be to give up and leave that site.)

4) Create a false pretense for needing the software.

You get this email message from a friend: “I’ve just sent you a greeting card, go to this web site to read it!” When you get to the web site it asks you to install a “greeting card viewer” that turns out to be spyware, and it sends a similar card to everyone in your address book. In the license agreement you didn’t read but agreed to, you gave it permission to do that!

5) Look essential, or be invisible.

Some spyware will use an official-sounding name like “winstartup” so that you’ll be less likely to disable it if you see it running. Others maintain a low profile by using dozens of different file names and locations, or even generating a random file name to escape detection. To further mask its existence and reduce your awareness of it, many spyware packages will even install software updates without your knowledge.

6) Don’t uninstall, even when asked.

Whether by design or mistake, a lot of spyware does not remove itself when you uninstall the application that originally installed the spyware. In many cases the only way to completely remove spyware is with a utility like PC Pitstop Exterminate.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles

Botnets, Now What?

Just when I was becoming accustomed to using spyware removal tools and running the occasional Pitstop virus scan (few people keep their antivirus current these days), something new comes along.

Have you ever wondered why your machine seems like it’s operating in mud or is just ignoring you? Well that’s probably because it’s operating just fine for someone else. Yep, we’re talking Botnets. Botnets are using your CPU, draining your memory, just waiting to be told what to do by someone making money from your investment. You don’t mind do you?

Read More

PC Pitstop Top 25 Spyware and Adware

PC Pitstop has long been a source of information about unwanted software and how it spreads. Now we’re using our test results database to give you weekly updates about which programs are the most prolific. The prevalence numbers indicate the percent of PCs tested at PC Pitstop where we detected that file running. Our detection works by file name, so some products may be listed multiple times if they consist of two or more files. To check for spyware, adware, unneeded programs, and many other common PC problems, try PC Pitstop Exterminate or our full system scan.

Read More