Thursday, May 05, 2005

Adware, spyware and Malware

The average person's computer is infected with > 30 adware programs. This is a statistics from Network World (April 5, 2005). Do you know what adware is? What's the difference between adware and spyware? What the hell is malware? How are you supposed to deal with all this crap on the computer and who really cares anyways?

(n.) (1) A form of spyware that collects information about the user in order to display advertisements in the Web browser based on the information it collects from the user's browsing patterns. Similar to spyware but it has legitimate purposes, for example, the ads on weather underground allow the provider to offer the service free to web surfers. All adware is not necessarily malicious nor is all adware innocent.
Unfortunately, some freeware applications which contain adware do track your surfing habits in order to serve ads related to you. When the adware becomes intrusive like this, then we move it in the spyware category and it then becomes something you should avoid for privacy and security reasons. Due to its invasive nature, spyware has really given adware a bad name as many people do not know the differences between the two, or use the the terms interchangeably.
(n.) Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers.
(mal´wãr) (n.) Short for malicious software, software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse.
(fish´ing) (n.) The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card #'s, social security & bank account numbers, that the legitimate organization already has.
Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

No comments: