These are some of the terminology used to describe various types of malicious programming: malware, virus, worm, trojan horse, rootkit, crimeware, phishing, and adware.

Malware is a generic term referring to the entire spectrum of programming, whether malicious or merely annoying, whose sole purpose is to gain access to a computer without the owner’s knowledge or consent. Legitimate programming that has bugs or other problems which end up harming a computer is not considered to be malware – it’s just poorly designed. The key to whether or not a piece of programming is malware is the intent of the programmer. Does the program have a legitimate purpose, or is there an illicit motive behind its creation? Examples of malware include viruses, Trojan horses, rootkits, adware, crimeware, worms, and spyware.

Virus is a term that is commonly used interchangeably with malware, however, for a piece of malicious computer code to be a true virus, it must have the capability of spreading from computer to computer via the internet (in the form of a shared downloaded program) or a removable memory device (flash drive, diskette, or CD). Before a virus can do damage to a computer, it must be “unlocked,” which happens when a user clicks on an infected program. Rather than the intended program opening, the virus usually will execute first. It quickly replicates itself and moves rapidly through a computer’s system, just as a natural virus will infect a host organism, propagate, and begin working against the body’s defenses. If a computer is linked to a network, like most workplace computers are, the virus can quickly spread to each computer in the network through, for example, harmless –looking email attachments. If left unchecked, viruses can replicate themselves until all free space on a computer’s hard drive is filled. More commonly, the virus will delete or alter data stored on the hard drive, and/or permanently degrade the computer’s functionality.

Worm is a term referring to a category of malicious self-replicating programming. It differs from a virus in a few important ways. First, worms do not need to embed themselves in another program – they are stand-alone computer programs. In addition, worms generally are not designed to do damage to a computer’s files. Rather, they are commonly used to open a “backdoor” in a computer, allowing a remote user to gain access to the system. When a computer has been hijacked, it is called a “zombie,” and entire networks of these compromised computers are known as “botnets.” Spammers often send out their illegal marketing emails using “zombies,” without the knowledge or consent of the owner. The security issues, for both individuals and business, are self-evident.

Trojan Horses are programs which appear to be helpful, but in fact compromise the computer’s security, allowing unauthorized access to the computer and network. Depending on the intent, worms and viruses may be correctly considered to be Trojan horses. Once a computer has become infected, a host of ill-intended functions can take place, including:

- Deleting or altering data

- Degrading programs in a deliberate attempt to reduce a computer’s ability to function properly

- Uploading files from the computer, or downloading additional malicious software

- Helping to set up botnets

- Spying on browsing habits

- Copying keystrokes (to steal password and user ID information)

- Identity theft (stealing bank account, tax, and personal financial information)

- Displaying pornographic advertisements or images.

Rootkits are programs designed to hide the fact a computer’s security has been compromised. They are often Trojan horses as well, tricking the user into believing it is a helpful program. Rootkits are used by hackers to gain administrative control over computer networks. The rootkit will block parts of a network off from each other, which helps to conceal the illicit activities from the legitimate network administrators.

Crimeware is specially-designed malware that facilitates identity theft. The malware allows an identity thief access to a person’s online financial accounts (bank, stock, credit cards). The thieves can clean out the accounts and disappear into cyberspace, usually well-before the victim has any idea what is happening. Using crimeware, the identity thief can install keystroke logging software which allows access to user IDs and passwords, as well as programming which directs the internet browser to a counterfeit site where the user ID and password are stolen.

Phishing is not a program or rogue piece of code floating through cyberspace, waiting for a unsuspecting internet user to download and install it, but it is a growing problem and anyone concerned with privacy concerns on the internet needs to be familiar with it. Phishing is a technique hackers and identity thieves use to gain control of a person’s private information. In a phishing scam, an email or instant message will arrive from a seemingly legitimate sender, such as a bank, PayPal, eBay, online stock trading company, or a social networking site (such as Facebook or MySpace). The person receiving the email will be directed to what looks like legitimate site and asked for their personal information. Once the passwords and user IDs have been surrendered, they scammers can clean out bank and stock accounts, make fraudulent purchases with credit cards, and other financial crimes.

Adware, also known as “advertising-supported software” is software which displays or downloads advertising or marketing pitches to a computer. Advertisers pay programmers of freeware or shareware to place banner ads on the computer’s desktop while the program is running. It allows the programmers of this free software the opportunity to receive compensation for their efforts. However, adware becomes classified as malware when it secretly bundles spyware along with it.

Symptoms of spyware infection:

- Pop-up advertisements.

Spyware programs will often inundate the user with a deluge of advertisements, many times unrelated to the particular website that is being visited. If pop-up ads appear when a computer’s just been restarted, or occurs while the user has a closed browser, it is a pretty good bet that the computer’s been infected.

- Default settings are changed.

Spyware sometimes will change the default homepage a browser connects to when a new internet session is begun, or will not connect to the chosen search engine when prompted to do so. New shortcuts may appear on the computer’s desktop, as well. If a user resets the defaults or reboots the system, but they revert back to the unwanted settings, spyware is likely responsible.

- Toolbars magically appear atop the browser.

If a user did not intentionally download a toolbar, but one suddenly appears and cannot be removed, spyware is likely the culprit.

- Poor operational performance.

Unlike legitimate software which is specifically designed to run harmoniously with operating systems, such as Windows XP or Vista, spyware programmers are unconcerned with such niceties. The programmers are only concerned with accessing and transmitting information. If it reduces efficiency or crashes the system, so be it. Another symptom is if the same program keeps crashing, or if the computer takes a long time to perform routine tasks, like opening a file folder or executing a normal piece of software.

- Irregular email actions.

If a user finds routine emails being returned, or vast amounts of email sent from their account, it is probable that the system has been compromised.

So if your computer suddenly begins acting strangely, it may be time to have your computer checked out.

Spyware designed for Windows is ineffective against the Mac. Hackers have begun working different angles to ensnare Mac users, whose confidence in the Mac OS may have lulled them into a false sense of security. For a long time, Mac users were insulated from attacks. The reasons for this were two fold:

1. The Mac operating system was designed to be much more secure than the traditional Windows system. This combined with the fact that

2. the number of Mac users relative to PC users was incredibly small.

There was little incentive for hackers to spend the time and effort to build malware that could breach the Mac’s security. There is also the little issue of corporate reputation. Apple has long been considered the scrappy underdog to Microsoft’s industry dominance. Hackers have long taken great pleasure at pounding holes in Windows, Internet Explorer, and the Office Suite of products.

But as Macs have become more widespread, and Apple’s reputation as an innovator and leading-edge design company, many of the barriers keeping hackers at bay have weakened. Hackers now employ two effective strategies to spy on Mac users.

As noted earlier, phishing is an incredibly effective tool hackers and identity thieves use to steal personal information, and it takes little effort to install spyware on a Mac if the user offers up their information willingly.

The second strategy hackers employ is through unknown downloads. With the plethora of mac applications being created, there is little doubt that the unscrupulous have been busily creating apps which could compromise a Mac’s security. For example, spyware could be part of a song download or as a browser plug-in. As soon as the user enters the password (Macs require a password before any new software installation), attacks could begin.

As with PC spyware programs, the key to the ones designed for Macs is research and more research. Prevention, detection and removal are the most important features users should be looking for. But the best defense remains vigilance. Users need to exercise caution when logging onto unfamiliar sites and downloading content that a cautious person would deem questionable.

Simply relying on Mac’s well-earned reputation for security is no longer enough.

If you suspect your system has been infected, waste no time in taking the necessary steps to protect yourself.

There are dozens of free scanning tools available on the internet. A good piece of advice would be to conduct initial research on spyware scanning tools. Even a cursory examination shows that there are several free scanning tools that are suspected of being nothing more than spyware themselves! Do the research. There is no sense in letting the medicine be worse than the disease.

Choose a free initial scan from a reputable company, one such as Norton, McAfee, or Microsoft (if the computer is running Windows or Vista as its operating system). You may need to download a piece of programming from the website in order to complete the scan. Once a user has downloaded and installed the software, immediately execute the scan. Because of the diversity of malware on the internet, most scanning tools do not limit themselves to scanning for spyware, but the whole spectrum of malware and viruses.

If the scans reveal an infestation, the next step is to remove the spyware and whatever malware is present as quickly as possible. There are a number of anti-malware products on the market, almost all of which are sold under the “Antivirus” moniker. Be sure to conduct research on the different available products. Websites such as www.cnet.com, www.pcmag.com, www.consumerreports.org (subscription only), and www.amazon.com all have very good, useful reviews of the pros and cons of each product. Pick the one that you feel best addresses your needs and internet usage habits.

According to a 2007 report from McAfee/National Cyber Security Alliance (NCSA):

- 98% of American personal computer users believe that security is important

- 93% believe they have taken the appropriate steps to safeguard their system.

- 99% have heard of spyware

- 75% have heard about phishing

So it is fairly clear that the vast majority of PC users understand the threats posed in cyberspace. While such awareness is heartening, it tells only half of the story:

- 92% of those surveyed believed their virus protection was up-to-date. In reality, just 51% had a current update to their software within the past week.

- 73% believed they had a firewall installed. In reality, only 64% had it enabled.

- 70% believed they had anti-spyware software installed. In reality, only 60% had it properly installed and configured.

- 27% said they had anti-phishing software installed. In reality, only 12% were properly covered.

- Only 24% of Americans have anti-spyware software installed, an enabled firewall, and anti-virus protection that had been updated within the past week. (This statistic is especially troubling because all three of those components must be part of any reasonably effective security system for one’s PC.)

- 54% of Americans say they have had a virus on their computer, while, unbelievably 15% AREN’T SURE!!!

- 44% of those surveyed reported that they believed they had spyware or adware on their home PC

- 74% report having received a phishing email, with 92% of them saying the email looked eerily authentic

Perhaps these statistics would be less troublesome if:

- 87% of Americans reported storing personal financial, health, professional, and personal information on their computer

- 88% go online to use their computer to bank, trade stocks, and/or review their personal medical information

This survey shows while Americans are aware of the threats in cyberspace, and many have already fallen victim to some of them. Yet, people are painfully ignorant with regard to both the protection they have, as well as the protection they will need.

There have been periodic attempts to enshrine anti-spyware laws in the Federal Register, the most recent being the Internet Spyware Prevention Act of 2007, which was introduced and passed the House of Representatives, but was never called to the floor of the Senate for a vote.

In recent years, some states have filed lawsuits against firms suspected of creating and disseminating spyware. For example, in 2005, former New York State Attorney General Spitzer filed suit against a company called Intermix Media, despite the fact that no specific anti-spyware legislation is on the books. New York accused Intermix of violating the state’s laws against deceptive acts and practices, as well as false advertising. When users downloaded and installed screen savers from Intermix’s web sites, an adware program called KeenValue was surreptitiously installed at the same time. The firm “neglected” to include any sort of uninstall program and wrote the code to ensure the program reinstalled itself if it was ever deleted. Intermix also advertised its product as being free from spyware.

The big problem with prosecuting the purveyors of spyware is that the legal definition of what constitutes spyware are incredibly hazy. That, and as noted earlier, many users agree to allow the spyware to be installed on their computer when they click on the “I agree” button, acknowledging that they read and understood the terms of agreement. The best hope of consumers is for legislation to be enacted which limits what concessions software sellers can demand from users in their purposely obtuse and unintelligible end-user agreements. But the internet respects no national borders, and developing international laws governing such practices could prove quite elusive.

In addition to adware, there are several types of spyware circulating on the internet.

Dialers are programs that infect the computer’s dial-up settings and make calls on the computer’s modem without authorization. These unauthorized calls can result in very large and unwanted telephone bills.

Remote Administration Tools establish remote, third-party control over one’s computer, and all the information and processes on that computer.

Password Crackers were originally designed to allow the owner of the computer to access passwords which had become either lost or forgotten. However, in the hands of a hacker, it provides the opportunity to gain access to confidential passwords, leaving all manner of private data at risk.

Key Loggers are software that records keystrokes entered on the computer for the purpose of stealing information, such as user IDs and passwords. Many times, the records are maintained in a secret file on the computer’s hard drive, to be accessed at a later date by a hacker.

Jokes are not malicious in nature; rather, they are merely a nuisance and designed to elicit either irritation or alarm in the user.

The answer to this question depends upon the how zealously one wants their privacy protected. All spyware programs invade the privacy of the user, so if one seeks total and complete privacy, then the answer is, yes. But a more nuanced answer is that it depends upon the nature of the spyware and the intent of the person(s) responsible for its creation. Simply recording one’s online habits and using it to target that individual with advertisements for specific products and services is not malicious and, except for the lowered operational performance of the infected computer, relatively harmless. If private information, such as passwords and user IDs are being monitored and captured, there is little question that spyware program is truly malware intended to harm the computer user.

What is More Dangerous: Spyware or Viruses?

Though viruses get the lion’s share of attention, thanks in large part to the destructive nature of the threat, a strong case can be made for spyware’s ascendency as Public Enemy #1 among internet users.

Viruses are malicious, data-deleting smart bombs, rogue programs which seek and destroy, either out of some twisted understanding of “fun,” or as part of a larger campaign of information warfare between rival hackers, corporations, even nations. They can wipe out one’s hard drive in minutes, erasing years of accumulated data in one fell swoop. The effect is similar to that of a carpet-bombing campaign: shock and awe. But, at the end of the day, all that’s really been lost is data, which can be reworked, found again, or otherwise replaced.

Spyware, on the other hand, is the more insidious problem. It does not destroy information – it steals it. And that which is stolen always poses a bigger threat than that which has been destroyed. Identity theft, the theft of corporate secrets, and other invasions of privacy can have devastating long-term consequences, especially as the use of the internet and related applications grows in ubiquity.

Previously, IT managers and other technology professionals believed that their firewalls and other formidable security measures would protect them from the scourge of spyware. But nothing could protect those systems when employees downloaded infected programs and installed them on their workstations. (For this reason, many businesses now strictly curtail such downloading activity by employees).Beginning around 2005, they began noticing a marked increase in calls to IT help desks, complaints ranging from the dreaded pop-up ads to slow PC performance. Spyware can cost businesses as much as $350 per PC to fix, when all costs are factored in (http://www.newsweek.com/id/56465).

But business may be partly to blame for these woes. As noted in Newsweek, corporate advertising spending trickles down from the big firms to smaller marketing companies who are paid by the click on banner ads and the like on websites.

But these are merely a nuisance when the true potential of spyware’s destructiveness has yet to be realized. Theft of passwords and user IDs open the door for corporate espionage and other forms of corporate crime, one where trade secrets and other valuable intellectual property are at risk of theft. It is little wonder that businesses see spyware os one of the top five threats to their security, and why anti-spyware software spending has become a multi-billion dollar business. In fact, internet security provider FaceTime Communications, surveyed more than 1,000 IT managers and end users, finding that spyware and other unsanctioned downloads result in average monthly costs of $130,000 (http://www.bankinfosecurity.com/html/bankinfosec_article16.html). The survey also found that spyware incursions appear to be growing at a rate twice that of computer virus incidents

Increasingly, enterprise applications are being downloaded, which means the browser has become one of the most important conduits through which critical business supplies are transmitted. When the browser is infected, the results are often disastrous.

In 2006, more than 1,300 people in Oregon were exposed to identity theft when an employee of the state’s department of revenue downloaded Spyware. He was using his office PC to surf porn sites, and downloaded a Trojan virus. For four months, names, addresses, and Social Security numbers were recorded and transmitted to the Trojan’s architect.

The Oregon Department of Revenue has banned employees from accessing Web sites for personal use, but such stringent regulations are impractical for most businesses. Many jobs require unfettered access to the internet, and spyware and viruses can be accidently downloaded from even legitimate-looking sites. Hackers can establish a blog on a legitimate host site and post Trojans or keylogging software to the page.

Spyware not only steals data, but also internet bandwidth, stopping the normal flow of traffic through the network. As noted earlier, spyware greatly compromises a computer’s processing speed, bringing the system to a crawl. It can also cause major system instability, leading to more frequent crashes. Caring for corrupted PCs can account for almost 20% or more of a company’s IT Help Desk resources (http://www.stopzilla.com/learning/CostOfSpywareToYourBusiness.do).

Spyware is a type of program that secretly uses a computer’s internet connection to send demographic, browsing, and other usage information to advertising or marketing firms. More broadly, “spyware” can refer to any application which surreptitiously installs itself on a computer and performs any number of actions without the user’s knowledge. For the reasons enumerated above , spyware and adware are often spoken of in the same breath because very adware often has a hidden spyware module attached to it. Though advertisers claim that all information transmitted is anonymous, the opportunity for violations of privacy is clearly evident.

It does not require much imagination to understand why programmers willingly add adware and spyware to their creations – without doing so, they would not be paid. But what’s in it for the person paying the programmers? In other words, why was spyware created in the first place? That’s an easy question to answer: money. It allows advertisers and marketing companies to monitor a user’s online behaviors and proclivities, and then target advertising towards that individual, either through email or pop-up advertising.

All adware is not so insidious, but the vast majority is. If the problem were simply a matter of a few pop-up ads every now and then, the issue would barely rise to the level of a nuisance. But the threat to privacy occurs with the unauthorized flow of information from an infected computer. When push comes to shove, these marketing and advertising companies point to “strict” guidelines regarding the type of information gathered, as well as the “guarantee” of privacy. It is fair to note that they are compelled to gather such information in secret, providing users zero say over what kinds of information flows from their computer, both of which speak volumes about these assurances.

Like worms, spyware acts as an independent piece of executable programming. That means is it can act just as any other computer program does. Whatever a programmer wants the program to do, it can do it. Whatever information the programmer wants, he or she can have, be it keystrokes, hard drive scans, instant messaging, email communications, browser settings, cookies… whatever! All of this information can be sent to an unknown third party, then possibly sold to the highest bidder. There are no restrictions on the information they can steal.