Spyware is kind of malware that collects information from a computing system without the data owner’s permission. The data often includes keystrokes, screenshots, authentication credentials, personal email addresses, web form field data, Internet usage habits, and other personal information. Most of the data is delivered to online attackers who sell it to others or use it themselves to commit financial crimes, identity theft, or use it for marketing , etc.
The software which can be called spyware must collect data without the data owner’s knowledge or consent and must deliver or make it available in some place to an unauthorized party. Software installed after the user has viewed and agreed to a clear privacy policy or to an EndUser License Agreement (EULA) that describes the data collection activities does not equal to the definition of spyware.
Examples of this kind of legitimate software are the software that track online shopping trends for delivery to a marketing company so that the user can receive targeted coupons or shopping advice. Some users may accept this kind of service which depends upon whether the software’s activity is legal or not, it may or may not qualify as spyware. If software fully and clearly states its operations, the decision to accept the terms and install the software typically show an acceptance of personal responsibility for any software operations.
Reading and understanding all these policies and agreements is pretty hard. Agreements can be intentionally vague, hard to understand, or so lengthy that users eventually agree from sheer frustration. In some instances, these practices represent a form of social engineering because they will persuade the user to agree to terms that they might not agree to if the agreement is mentioned clearly. Users need to be smart enough to understand this point so that instead of defaulting to agreement, they would instead not agree to terms they don’t understand even they want to use the software application so much. Because one of the keys to classifying software as spyware is the lack of knowledge and consent from the owner of the data collected, multiuser systems or systems in networked environments make interesting cases for study. In these situations, software that one user agrees to may collect data on other system users. They should also aware they are under spyware protection One user might agree to the terms, but if another user is logged on and the software collects data on their usage or other activities, it can meet the definition of spyware.
Who use Spyware?
Observation and analysis of collected malware reveals the types of data commonly extracted data from systems. This gives idea into the motives and classes of people involved in the activities.
In many cases, the perpetrators fall into one or more of the following categories:
· online attackers and organized crime
· marketing organizations
· trusted insiders
Membership in a single group is not exclusive and often, members from various groups can be found working together to accomplish their common objectives, often at the public’s expense. As previously stated, motivation varies but with few exceptions, is focused on collecting information that can be leveraged for financial gain.
Online Attackers and Organized Crime
Online attackers primary interest in spyware is using it to steal personal information for financial crimes such as carding , for identity theft, or to sell that information to someone else who then executes more traditional financial crimes. Sometimes they act alone to generate, deploy, and collect the information harvested from their spyware. Under other circumstances, they may develop and launch spyware on a contractual basis for criminals or organized crime organizations that have experience in more traditional crime but lack the expertise to develop and leverage technology like malware as a tool. There are many ways to leverage and profit from spyware; there is a steady demand in the underground economy for activities related to its development, deployment, and operation, as well as for the information gathered.
Marketing Organizations
Marketing organizations like to collect personal information such as email addresses, online shopping and browsing habits, keywords in search queries, and other personal and trendrelated information so that they can use those information execute marketing campaigns like spam, spim, browser popups, home page hijacking or even more.
Spying by a Trusted Insider
An example of a trusted insider might be an employee who leverages spyware to collect
corporate information which can be sold in the underground economy, used for blackmail, or used to gain access to more valuable information at some later time.