Most Dangerous Types of Spyware are on the Rise: How to Choose the Weapon

Bad News - the Threat is Bigger than it Seemed

How recently it was - when even many journalists believed that spyware gathers mostly information to be used for targeted advertising. Definitions like "spyware, a.k.a. adware, is..." were pretty common in articles. Keyloggers and system monitors were mentioned as dangerous, but relatively uncommon. Until the Spy Audit survey made by ISP Earthlink and Webroot Software clearly showed - they are not uncommon at all.

The results of the survey are here:

http://www.earthlink.net/spyaudit/press/ and http://www.earthlink.net/about/press/pr_spyauditsurvey/

Reading them will be time well spent for everybody who uses the Internet and at least sometimes deals with information valuable enough to be stolen; in fact, it means just everybody.

"Industry experts indicate that these types of programs [i.e. spyware in general] could reside on up to 90% of all Internet-connected computers" - that's the exact quote. Considering the number of computers scanned during this survey (which lasted for the whole year 2004), there is nothing left but to come to the conclusion - it must be true to fact.

Despite the fact that one of the Spy Audit authors is an anti-spyware vendor, there is no doubt that the results are trustworthy - more than 4.6 million system scans were made in 2004. It seems that the results of the survey might be like a bolt from the blue even for specialists, not to mention the general public.

16.48 percent of all scanned consumer PCs in 2004 had a system monitor installed. It means that 16.48 percent of these users were definitely under monitoring (who monitors them - that's another question). 16.69 percent had a Trojan horse program, and this is a troubling sign, too - it is a keylogging module that Trojans often have inside. "Information-stealing Trojan" in descriptions most often means "keylogger-containing Trojan". Both figures give us an overwhelming 33.17 percent of PCs contaminated with some program with information-stealing capability. Even if not all these Trojans were information-stealing ones, the situation is distressing anyway.

Schools of Phish and Herds of Trojan Horses

"Traditional" phishing and spoofing (sending emails linked to a bogus bank Web site and waiting for unwitting customers) are, unfortunately, not new phenomena. It is a modernized two-stage scam, which includes contaminating the victim's machine with a keylogger-containing Trojan horse program, that is spreading like wildfire now.

This scheme is without doubt much more dangerous; in this case the victim needn't follow the link in the email. The Trojan horse lurks in the background until the victim types particular titles or Web addresses into his browser. Once the user visits one of a number of banking Web sites, the malicious code is triggered into action, capturing passwords and taking screenshots. Then the information is sent to remote hackers who can use it to break into the bank account and steal money.

There were many outbreaks in activity of such information-stealing Trojans which targeted bank customers in 2004. As a matter of fact, such a scam was first used in Brazil - when the notorious Trojan known as Troj/Banker-AJ appeared, experts recalled that the security firm Sophos had warned earlier in 2004 about criminals who used similar techniques to break into Brazilian online bank accounts.

Crooks may use pretty ingenious and "efficient" (if such a word could be appropriate for this activity) techniques to place the Trojan into users' PCs - letters can mimic CNN news alerts, or offer to reserve the very latest book in the Harry Potter series before it is published in July. Who knows what they will invent next?

Considering Solutions to the Problem

In 2004 it became as clear as day to anyone - from being not much more than a nuisance for PC users, spyware turned into one of the major threats to information security. Since the Internet has become a part of daily life and business, the rapid growth of such kinds of cybercrime as identity theft and phishing endangers the whole society. Some types of spyware, namely software capable of stealing valuable information (like passwords, SSNs), certainly facilitate these crimes.

Software vendors by all means are responding to the threat to meet the enormous demand for anti-spyware protection.

Many large anti-virus vendors, like Norton and McAfee, have already begun providing anti-spyware protection as well. Microsoft also joined the anti-spyware market this year (and has already become a target for the malicious Trojan called Bankash-A; fortunately, no serious damage has been reported so far). Symantec plans to announce new features to fight spyware in some of its enterprise antivirus and intrusion prevention products.

Besides, there are also - literally - hundreds of stand-alone anti-spyware developers and vendors. The number of anti-spyware programs they all develop, promote and sell is constantly growing - and will grow in the future. So will the profits. According to predictions from the market advisory firm IDC, the market for anti-spyware solutions is expected to boom in the next couple of years. Anti-spyware software revenues will soar from US$12 million in 2003 to $305 million in 2008.

But what about end users - are they going to benefit from such a variety of anti-spyware solutions available on the market? Or will they just feel bewildered and lost in all this mass of ads offering instant relief from nasty and dangerous spyware? It looks like most people are already confused because the advertising is pretty much alike - how to distinguish a high-quality product from some hit-or-miss software that developers fabricated in haste just to get quick profits?

What a user can (actually must) do is to know what exactly he or she is buying or installing for free. Here are some simple common-sense tips:

The first step is to visit the site of the company that produces this product. Look it through. Read the "about us" section. How long has this company existed? Ignore "testimonials" - there is no guarantee that it wasn't the company's PR manager who wrote them. It would be better to search, say, Google groups for opinions.

A good old background check will also do a lot of good. It takes some time, though - but peace of mind later is worth half an hour's browsing the Web now. The simplest way is to search for the product's name along with such words as "installs", "spyware", "adware", "popups", etc.

There are even lists of suspicious, low-performing, or adware-installing products. See, for example, http://www.spywarewarrior.com/rogue_anti-spyware.htm - an ample list of anti-spyware you'd better not buy. By the way, this whole site is worth studying thoroughly.

The fact that you are not a tech person doesn't mean you can afford not knowing the basic principles these products are based on. What can a user expect from an anti-spy product, and what is simply impossible?

Most anti-spyware products apply signature databases, i.e. rely on a simple pattern-matching technique. Detecting spy software is the crucial step of the whole process - all the protection depends on whether the anti-spy software is able to detect as many malicious programs as possible. The bigger the database is and the more often it is updated, the more reliable protection the product will provide.

A signature base, which most anti-spy products depend on, is actually a "list" of signatures - small pieces of spy programs' code. An anti-virus or anti-spy program scans the system and compares its code with that in the signature bases. So, in this case only the spies whose signatures are already in the base will be detected and eventually "caught". As long as the anti-spy software is regularly updated and the system doesn't come across some unknown spy product, everything is all right.

The problem is that there are a great many people capable of creating something brand-new, unknown to anti-spyware developers. The period of time when a new spy already exists, but the updates have not been released yet, is the very time when cybercriminals make their biggest profits.
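The detection scheme and the update gap described above, as an added example (not code from the article or from any anti-spyware product): a toy signature base in Python. The signature names and the harmless byte strings standing in for program code are constructed for illustration.

```python
# Added example: toy signature scanner. All names and byte strings are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class Hit:
    name: str     # signature name that matched
    offset: int   # byte offset of the match inside the scanned data

class SignatureBase:
    """A 'list' of signatures: short byte sequences taken from known spy programs."""
    def __init__(self, signatures=None):
        self.signatures = dict(signatures or {})
        self.version = 1

    def update(self, new_signatures):
        """Vendor update: add signatures for newly analysed programs."""
        self.signatures.update(new_signatures)
        self.version += 1

    def scan(self, data: bytes):
        """Return every known signature found in data, ordered by offset."""
        hits = []
        for name, pattern in self.signatures.items():
            pos = data.find(pattern)
            while pos != -1:
                hits.append(Hit(name, pos))
                pos = data.find(pattern, pos + 1)
        return sorted(hits, key=lambda h: h.offset)

# Constructed sample "files" (placeholder bytes, not real program code)
KNOWN_SPY = b"\x00HDR" + b"SPY-A-MARKER" + b"\x00" * 8
NEW_SPY = b"\x00HDR" + b"SPY-B-MARKER" + b"\x00" * 8
CLEAN = b"\x00HDR" + b"ordinary program bytes"

def exposure_window_demo():
    """Scan before and after an update to show the gap for an unknown program."""
    base = SignatureBase({"Spy.A": b"SPY-A-MARKER"})
    samples = (("known", KNOWN_SPY), ("new", NEW_SPY), ("clean", CLEAN))
    before = {label: [h.name for h in base.scan(data)] for label, data in samples}
    base.update({"Spy.B": b"SPY-B-MARKER"})   # the update finally ships
    after = [h.name for h in base.scan(NEW_SPY)]
    return before, after, base.version

if __name__ == "__main__":
    before, after, version = exposure_window_demo()
    print("before update:", before)
    print(f"after update (base v{version}):", after)
```

Before the update the scanner reports the new program exactly as it reports the clean file: no hits. A signature scan that finds nothing therefore cannot distinguish "clean" from "not yet in the base".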

The advantage of signature base analysis is that programs based on this method of detection can be of wider range - it is possible to include signatures from different types of spyware and adware into a single database. However, regular release of updates for these bases becomes crucial. If the developer fails to do it properly and on time, there is a considerable risk for such a program to become a "Jack of all trades and a master of none."

The conclusion is simple - if a product applies a signature database, it's better to choose anti-spyware with the biggest and most frequently updated base. Don't expect absolute protection - with this technique it is simply unattainable.

But in the case of information-stealing programs, like keyloggers or keylogging-containing Trojans, a single "overlooked" program may mean lost valuable information. Since signature analysis can't ensure protection against constantly appearing brand-new keyloggers, blocking the very process of keylogging would be better. Such a technology already exists, and it may be the next step towards more reliable protection against the most malicious types of spy programs.

Alexandra Gamanenko currently works at Raytown Corporation, LLC - an independent software developing company, which created the technology capable of blocking the very process of keylogging. Visit its website: http://www.anti-keyloggers.com

Article source: http://www.topiccenter.com/Computers-and-Technology/Software/