Privacy

Spyware, why you should avoid them

The internet comes with a certain level of risk and it probably goes without saying that using it exposes us to these risks. Many technologies are already monitoring our online activity from pixel trackers and cookies to session tracking. That’s why when it comes to keeping yourself secure online, as a rule of thumb, you should always act as though someone is watching. We are not alone in what we do online and knowing this you should operate with a certain level of vigilance.

Moving on the non-legit side, the web is also full of several types of malware roaming around eager to jump into your computer, and among them, spyware is certainly the most sneaky and dangerous. You could also easily get one via phishing, so be aware of the emails you open. But…

What really is spyware?

Spyware is a piece of software sneaking into your device and starting running in the background, almost invisibly. While running, it listens to your activity and records relevant information stored on your computers such as personal information, usernames and passwords, payment information, emails, or even the websites you visit and the files you download. Once collected, it silently waits for a trigger to run additional software or share them with a remote computer. 

Frequently connected to spyware is identity theft, leading to unwanted access to email clients, social media, and bank accounts. In addition, once into your device, you’ll have a hard time getting rid of it, that’s why it is better to prevent spyware infection to secure your important information.

No matter the device, or the operating system

Historically, the preferred operating system for hackers has been Windows. As a matter of fact, it has been widely used, and it’s still the most used OS all over the world, constituting a very large base of potential victims to look for.

In spite of that, Windows is less popular in richer countries, where a share of the market is manned by Apple. That’s why since 2017 Mac spyware arose, starting to infect many devices. These viruses are mainly password stealers but could also come in the form of other malware, such as info stealer or keylogger (read below). They could also disguise themselves by pretending to be a parental control software or a system monitor app.

Your OS may not guarantee the security of your connection, let alone your device type. With mobile being in the pockets of everyone, spy apps designed to affect them are no less widespread, with major cases of mobile spying reported over the years. 

They started rising in number in parallel with the development of mobiles themselves, evolving also in their technology. Mobile spyware affects Android and Apple smartphones with no distinction. They are also particularly devious, as they run in the background but background applications are not so evident on mobiles as they are on a computer. 

They lay in the background undetected and steal sensitive information, including recording phone calls and reading SMS and keeping track of the user’s activities.

Even worse, once your mobile is infected with malware, the software may leverage additional data such as your GPS location, the image from your camera, or the audio that your microphone records. To deceive you, even more, they also use apps recompiled with harmful code and malicious apps posing as legitimate ones, as well as fake download links.

The way spyware breaches into your smartphone are usually through open wifi connections, flaws in the operating systems, and malicious apps.

There are a few actions you can do to prevent infections and avoid getting spyware on your phone. You’d better connect to trusted networks at home and at work, keep every software updated, especially the operating system, and avoid third-party apps downloading and installing.

Types of spyware

Spyware come in the form of different software, intended to perform several tasks at once. There is not a unique “spyware” definition. However, the main functionalities of spyware include the following:

Keylogger

Keyloggers’ main function is to record the system activity. Back in the day, they were responsible for keeping track of the pressure of the keys of your keyboard. The software has evolved over the years to the point where it can now record the victim’s desktop, monitor the documents sent to a printer, look at websites visited, and even read emails and chats. This information is then sent to the attacker to use at his disposal.

Bank trojans

If general keyloggers collect information with no distinction, bank trojans are specifically designed to infect computers and gather credentials for banks and financial institutions. Acting mainly on the web, so in your browser, they can use the retrieved information to place bank transfers and steal money. 

Infostealers

Less specific but equally harmful, infostealers seek information out from the infected device, looking for any file or piece of information the author of the virus may consider useful. They could virtually be anything, from system information to documents, from email addresses to media files and even personal data. They usually exploit browser vulnerabilities to enter your computer, do their job, and send the loot to the attacker.

Password stealers

These applications are typically designed to exploit your system by looking for passwords. No matter if you store them in a password manager software, in your browser, or in a spreadsheet file, their unique job is to find them. Once retrieved, they will send them over to the attacker, opening a range of critical scenarios.

Protect your computer from malicious software

Prevention always wins over repair. That’s why it is so important to understand which are the main channels for infection and how to avoid getting a virus through them.

Phishing & spoofing

Phishing has been a major threat over the last few years. Pretending to present you with the login interface of well-known software and making you download malware or type in your credentials, phishing attacks are often the medium of infection for many viruses, spyware included. Usually, they are paired with spoofing, referring to the disguise of an email sender to appear to be from an individual or an organization you trust.

Bundleware

Bundleware is an infection based on the multiple downloads and installations of software. Usually, you apply for a free trial and just want to download and install a single software but by accepting all the terms of service from the provider you end up with several add-ons and plugins installed on your device. Install software only from trusted sources, and avoid third-party or unknown sources.

Backdoors, trapdoors, and other security vulnerabilities

Used by developers as methods to easily bypass the authentication and run debugging, backdoors (known also as trapdoors) are exploited by cybercriminals to enter a system and take control. Other than being just mistakes, backdoors may be the results of the action of separate software, installed on purpose by a third-party malware (via a trojan or a phishing attack). That’s the case of Back Orifice, one of the most famous backdoor installers and widely exploited by attackers all over the world.

There are very few actions you can do as a user if a software contains backdoors in its code. Usually, similar vulnerabilities are fixed as soon as they are discovered and reported. The only advice we can provide here is to keep your software up to date.

Misleading communication and trojans

As one of the oldest ways to deceive the perception, selling something for what is not is evergreen in frauds. That’s why spyware is never presented for what they are but for everything that could look appealing or useful. A good example is malware presented as utility software on a malicious website, pretending to speed up your device, clean your disk or even repair your system from catastrophic errors. 

Protect your computer from spyware

If you’ve got a malware infection or specifically a spyware on your computer, don’t despair, it’s not too late.

There are a lot of malware scanner software and malware removal tools that can just get rid of them in a few clicks. 

A spyware detector, usually combined with a spyware remover, may be enough to detect spyware in your pc and get rid of the unwanted virus but if it’s not, you’d best access all your critical accounts (bank, email, social networks) and change all the passwords from a different device. That should add an additional layer of protection while preventing the malware from recording the new passwords.

As expected, things may also be not that simple and the detection and removal of spyware could be harder. 

As they are designed to hide and run in the background, spyware are usually quite complex to find.

Modern browsers are quite secure and don’t let web applications dump files into your computer without your consent. Infections are usually a consequence of some human actions, like allowing a download or installing a component. That’s why it is so important to adopt a critical surfing behavior.

For example, how many of you hover with your mouse to check the link you are about to click, before actually clicking?

That’s a best practice that lets you spot unwanted destinations before getting into trouble.

Another good piece of advice is on emails. Always check the email address of the sender. 

Quite often phishing attempts make use of email addresses that look almost like the ones they are supposed to be, but with little typos, punctuation signs here and there, and other small differences that should give you a heads up. Emails from unknown senders should always be handled with suspicious eyes.

Monitoring the activity of your computer is also a good method of prevention. 

GlassWire is a free network monitoring and security tool with a built-in firewall that can easily increase the security of your device with a few clicks.

At GlassWire, we provide a useful tool to keep track of the volume of data exchanged by the software running on your computer, so anyone can simply check for suspicious peaks in data exchange and block the responsible app if this is the case.

Discussion

3 responses to ‘Spyware, why you should avoid them

  1. Thanks for the info. What I would like to see would be articles showing how to use Glasswire functionality to best effect.

Leave a Reply

Your email address will not be published.