Spyware is the term that defines a piece of software that can see what you are doing on your PC and sends this information over the Internet. For example it can track your viewing habits and if it sees that you visit a lot of websites about music or CD’s then it will show an ad that features an online music store. These spyware ads are often in the form of pop-ups or pop-unders that are very obtrusive.

One of the main methods in which spyware can installed on users computers is via pop-ups that appear on dubious websites. These pop-ups can often be disguised as security upgrades and can often look like they have been triggered by your operating system. Other spyware installation methods come from websites that offer free screensavers, free jokes or free weather reports. These applications, when downloaded will infect your PC with a Spyware program.

Here at Spyware.org.uk we recommend McAfee AntiSpyware 2006

Only £23.99
Save 20%

Protects your identity from being compromised
Detects persistent and offensive Internet promotions
Monitors your PC for changes in security settings
Prevents unwanted programs from reporting your Internet activities
Updates automatically to protect against new threats

 Click here for more information

The most direct method by which spyware can infect a users PC involves the user installing it themselves. However, as most PC users tend not to install software if they know that it will corrupt their PC or effect their privacy. So many spyware programs trick the users, either by piggybacking on a piece of desirable software such as a peer to peer file sharing network that allows users to download MP3’s, or by tricking the users to do something that installs the software without them realising it.

This method is known as a Trojan horse, which by definition, smuggles in something dangerous in the guise of something desirable. Some spyware programs get spread in just this way. The distributor of spyware presents the program as a useful tool, for instance as a "Web accelerator" or as a program that can clean up your PC. Users download and install the software without immediately suspecting that it could cause harm. For example, Bonzi Buddy, a spyware program targeted at children, claims the following:

He will explore the Internet with you as your very own friend and sidekick! He can talk, walk, joke, browse, search, e-mail, and download like no other friend you've ever had! He even has the ability to compare prices on the products you love and help you save money! Best of all, he's FREE!  

Spyware can also come bundled with shareware or other software that is downloadable from the Internet, as well as music CDs. The user downloads a program (for instance, a music program or a file-trading utility) and installs it, and the installer additionally installs the spyware. Although the desirable software itself may do no harm, the bundled spyware does. In some cases, spyware authors have paid shareware authors to bundle spyware with their software. In other cases, spyware authors have repackaged desirable free software with installers that add spyware.

A third way of distributing spyware involves tricking users by manipulating security features designed to prevent unwanted installations. The Internet Explorer Web browser, by design, prevents websites from initiating an unwanted download. Instead, a user action (such as clicking on a link) must normally trigger a download. However, links can prove deceptive: for instance, a pop-up ad may appear like a standard Windows dialog box. The box contains a message such as "Would you like to optimise your Internet access?" with links which look like buttons reading Yes and No. No matter which "button" the user presses, a download starts, placing the spyware on the user's system. Later versions of Internet Explorer offer fewer avenues for this attack.

Some spyware authors infect a system by attacking security holes in the Web browser or in other software. When the user navigates to a Web page controlled by the spyware author, the page contains code which attacks the browser and forces the download and installation of spyware. The spyware author would also have some extensive knowledge of commercially-available anti-virus and firewall software. This has become known as a "drive-by download", which leaves the user a hapless bystander to the attack. Common browser exploits target security vulnerabilities in Internet Explorer and in the Microsoft Java runtime.

he installation of spyware frequently involves Microsoft's Internet Explorer. As the most popular Web browser, and with an unfortunate history of security issues, it has become the largest target. Its deep integration with the Windows environment and its scriptability make it an obvious point of attack into Microsoft Windows operating systems. Internet Explorer also serves as a point of attachment for spyware in the form of browser helper objects, which modify the browser's behaviour to add toolbars or to redirect traffic.

In a few cases, a worm or virus has delivered a payload of spyware. For instance, some attackers used the W32.Spybot.Worm worm to install spyware that popped up pornographic ads on the infected system's screen. By directing traffic to ads set up to channel funds to the spyware authors, they can profit even by such clearly illegal behaviour.