Spyware

Christophe December 4, 2021

We just talked about how Potentially Unwanted Programs, or PUPs, can install adware, browser hijackers, or something called spyware. In this lesson, let’s take a closer look at what spyware is and what it does.

Spyware is malware that spies on user activity and reports back the stolen information.

Let’s say you download free software that helps you record and edit audio and video for a presentation that you have to give at work. As you install this free software, it also installs spyware in the background, so you don’t even realize it’s there.

Once installed, this spyware can start to monitor your activity. It could be monitoring all kinds of activity like:

  • Tracking your clicks around the operating system
  • Tracking browser history
  • Tracking emails or other messages sent and received
  • Tracking network activity
  • Recording keystrokes

This becomes a major problem not only from a privacy standpoint but also from a security standpoint. If someone is monitoring your keystrokes, they can steal highly sensitive information including passwords or other credentials.

To make things a bit more confusing, spyware that logs your keystrokes is referred to as a keylogger, and the technique as keylogging, which we will discuss in more detail in a future lesson.

What’s the point of spyware?

The primary point of spyware is usually to make money. Attackers can gather large amounts of private information that they can then bundle and sell to the highest bidder, for example.

It could even be a more targeted attack. It could be used for corporate espionage in order to gather information that isn’t publicly available and that could be sold to a competitor.

In fact, let’s run through a hypothetical scenario to frame the kinds of damage spyware can cause. Let’s say that you’ve been infected by spyware and that spyware is monitoring all of your email information. That data is being sent to a remote server that is running software to analyze what’s being said in the emails, and looking for specific keywords. Maybe it’s looking for people in the process of buying houses, and if it detects specific real estate keywords, it might alert the attacker.

The attacker could then manually take over and launch a phishing attack right as you’re expecting wiring instructions from the title company, timing they could work out from the back-and-forth conversations between you, your realtor, and the title company.

These types of wire fraud attacks happen every single year. In fact, there was a 2020 story that made the news when a family wired almost $1m to a scammer thinking that they were wiring the funds to the title company. According to the FBI, consumers lost over $220 million from schemes like this in 2020 alone. I’m not sure if they ever identified exactly how the scammers managed to pull off this specific attack, but spyware could absolutely have been used to do it.

How to avoid spyware?

Spyware can be installed in a number of different ways. We’ve already talked about one example where spyware was installed through a Potentially Unwanted Program.

However, it can also be installed via trojans, which pretend to be legitimate software.

The best way to avoid spyware is by keeping your anti-virus and anti-malware software up to date at all times, avoiding software downloads from untrustworthy locations, being aware of what you are downloading when you download free software, and watching out for options during installation.

This is also where backups can come in very handy. Once installed, spyware can be almost impossible to completely remove from your system. Having frequent backups can help mitigate a lot of pain by letting you roll back to a prior version of your system, before the spyware was installed.

Conclusion

Since spyware, if designed properly, can often go completely undetected, it’s definitely not something you want installed on your devices.
