Spyware Prevention and Detection

The Internet has become a popular method for managing finances through online banking. While some individuals have taken steps to protect their computers, many firewall and anti-virus software programs do not protect computers from one of the latest threats, "spyware", a form of software that collects personal and confidential information about a person without their proper knowledge or informed consent, and reports it to a third party.

Spyware Infection
Spyware is usually installed without a user's knowledge or permission. However, users may intentionally install spyware without understanding the full ramifications of their actions. A user may be required to accept an End User Licensing Agreement (EULA), which often does not clearly inform the user about the extent or manner in which information is collected. In such cases, the software is installed without the user's "informed consent."

Spyware can be installed through the following methods:

• Downloaded with other Internet downloads in a practice called "bundling." In many cases, licensing agreements may be included in a pop-up window that, unless read carefully, may leave the user unaware of "bundled" spyware.
• Directly downloaded by users who were persuaded that the technology offers a benefit. Some spyware claims to offer increased productivity, virus scanning capabilities or other benefits.
• Installed through an Internet browsing technique called "drive-by downloads." In this technique, spyware is installed when a user simply visits a Web site. The user may be prompted to accept the download believing it is necessary in order to view the Web page.
• Automatically downloaded when users open or view unsolicited e-mail messages.

Behaviors Associated With Spyware
Spyware can be difficult to detect and remove because it:

• Does not always appear as a running program in the Window's Task Manager; therefore, the user may be unaware that his or her computer is infected.
• May not include a removal option in the Windows "Add/Remove Programs" function. When such an option is present, the removal process may not eliminate all components, or it may redirect the user to an Internet site to complete the removal. This often results in new or additional infection rather than removal. In addition, some spyware includes a feature to reinstall itself when any portion is deleted.
• May cause a further infestation by installing other spyware programs onto users' computers.

Risks Associated With Spyware
Spyware increases the potential risk of the loss of sensitive information by:

• Exploiting security vulnerabilities or settings, changing the computer configuration to relax security settings, or allowing a channel into your computer system by circumventing the firewall. The result is that attackers can eavesdrop and intercept sensitive communications by monitoring keystrokes, e-mail and Internet communications. This monitoring may lead to the compromise of sensitive information, including user IDs and passwords.
• Draining and consuming system resources, even when the user is not browsing the Internet, such as when adware results in voluminous unwanted pop-up advertisements. Adware is software that tracks a user's Internet browsing habits.
• Compromising confidentiality. Certain types of spyware install an application on the user's computer that monitors and records all Internet communications and sends the report back to the originator. Identity thieves may then impersonate the customer using the IDs and passwords collected.
• Increasing vulnerability to "phishing" and "pharming" attacks, as some spyware can redirect Internet page requests. 
• Phishing seeks to lure a user to a spoofed Web site using an e-mail that appears to come from a legitimate site. 
• Pharming seeks to redirect a user to a spoofed Web site by introducing false data into a legitimate domain name server (DNS). The spoofed Web sites are set up to collect private customer information, such as account user IDs and passwords.

Recommended Actions to Mitigate the Risks Associated With Spyware
Internet users should evaluate the risks associated with spyware and mitigate those risks,  as well as prevent and detect spyware, by considering the following:

• Installing and periodically updating anti-spyware, virus protection and firewall software.
• Adjusting browser settings to prompt the user whenever a Web site tries to install a new program or Active-X control. An Active X control is a set of instructions that will automatically run on a computer when downloaded by the browser.
• Carefully reading all End User Licensing Agreements and avoiding downloading software when licensing agreements are difficult to understand.
• If a downloadable file is available on the Internet, first think if you really need to download and/or install it. Since downloading of files from the Internet always involves risks, you should carefully consider if it is necessary. Important things to consider include the reliability of the pages, the contents of the program to be downloaded and whether you can trust the announcement about the contents.
• Maintaining patches to operating systems and browsers. Several spyware programs take advantage of reported vulnerabilities that, if patched, would limit the spyware's effectiveness.
• Not opening e-mail from untrustworthy sources.
• Implement tools to scan e-mail for SPAM and either block the e-mail or designate it as SPAM. E-mail scanning can limit the likelihood that users could unknowingly infect their computers by viewing or reading e-mail that contains spyware.
• Implement tools to restrict or prevent pop-up windows. This limits the likelihood that spyware will be downloaded through pop-up windows, either automatically or through user error.