![]() | |
![]() | |
![]() |
Software Information |
|
![]() |
Most Dangerous Types of Spyware are on the Rise: How to Choose the Weapon
Bad News - the Threat is Bigger than it Seemed How recently it was - when even many journalists thought that spyware gathers mostly information to be used for targeted advertising. Definitions like "spyware, a.k.a. adware, is?" were pretty common in articles. Keyloggers and system monitors were mentioned as dangerous, but relatively rare. Until the Spy Audit survey made by ISP Earthlink and Webroot Software clearly showed - they are not rare at all. The results of the survey are here: http://www.earthlink.net/spyaudit/press/ and http://www.earthlink.net/about/press/pr_spyauditsurvey/ Reading them will be time well-spent for everybody who uses Internet and at least sometimes deals with information valuable enough to be stolen; in fact, it means just everybody. "Industry experts suggest that these types of programs [i.e. spyware in general] may reside on up to 90 percent of all Internet-connected computers" - that's the exact quote. Considering the number of computers scanned during this survey (which lasted for a whole year 2004), there is nothing left but to come to the conclusion - it must be true to fact. Despite the fact that one of the Spy Audit authors is an anti-spyware vendor, there is no doubt that the results are trustworthy - there has been more than 4.6 million system scans made in 2004. It seems that the results of the survey might be like the bolt from the blue even for the specialists, not to mention general public. 16.48% of all scanned consumer PCs in 2004 had a system monitor installed. It means that 16.48% of these users were definitely under monitoring (who monitors them - that's another question). 16.69% had a Trojan horse program, and this is a troubling sign, too - it is a keylogging module that Trojans often have inside. "Information-stealing Trojan" in descriptions most often means "keylogger-containing Trojan". Both figures give us an overwhelming 33.17% PCs contaminated with some program with information stealing capability. Even if not all these Trojans were information-stealing ones, the situation is distressing anyway. Schools of Phish and Herds of Trojan Horses "Traditional" phishing and spoofing (sending emails linked to a bogus bank Web site and waiting for unwitting customers) are, unfortunately, not new phenomena. It is a modernized two-stage scam which includes contaminating the victim's machine with a keylogger-containing Trojan horse program that is spreading like a wildfire now. This scheme is without doubt much more dangerous; in this case the victim needn't follow the link in the email. Trojan horse lurks in the background until the victim types particular titles or URLs into his browser. Once the user visits one of a number of banking Web sites the malicious code is triggered into action, capturing passwords and taking screenshots. Then the information is sent to remote hackers who can use it to break into the bank account and steal money. There were several outbreaks in activity of such information-stealing Trojans which targeted bank customers in 2004. Actually, such a scam was first used in Brazil - when the notorious Trojan named Troj/Banker-AJ appeared, experts recalled that the security firm Sophos had warned earlier in 2004 about criminals who used similar techniques to break into Brazilian online bank accounts. Crooks may use pretty ingenious and "efficient"(if such a word could be appropriate for this activity) techniques to place the Trojan into users' PCs - letters can be mimicking CNN news alerts, or offering to reserve the very latest book about Harry Potter in the series before it is published in July. Who knows what will they invent next? Looking for Solutions to the Problem In 2004 it become as clear as day to anyone - from being not much more than a nuisance for PC users, spyware turned into one of the major threats to information security. Since the Internet has become a part of daily life and business, rapid growth of such kinds of cybercrime as identity theft and phishing endanger the whole society. Some types of spyware, namely software capable of stealing valuable information (like passwords, SSNs), certainly facilitate these crimes. Software vendors by all means are responding to the threat to meet the enormous demand for anti-spyware protection. Several big anti-virus vendors, such as Norton and McAfee, have already begun providing anti-spyware protection as well. Microsoft also joined the anti-spyware market this year (and has already become a target for the malicious Trojan called Bankash-A; fortunately, no serious damages reported so far). Symantec plans to announce new features to fight spyware in some of its enterprise antivirus and intrusion prevention products. Besides, there also are - literally - hundreds of stand-alone anti-spyware developers and vendors. The number of anti-spyware software they all develop, promote and sell is constantly growing - and will grow in future. So will the profits. According to predictions from the market advisory firm IDC, the market for anti-spyware solutions is expected to boom in the next few years. Anti-spyware software revenues will soar from US$12 million in 2003 to $305 million in 2008. But what about end users - are they going to benefit from such a variety of anti-spyware solutions available at the market? Or will they just feel bewildered and lost in all this mass of ads offering instant relief from nasty and dangerous spyware? It looks like most people are already confused because advertising is pretty much alike - how to distinguish a high-quality product from some hit-or-miss software developers fabricated in haste just to get quick profit? What a user can (actually must) do is to know what exactly he or she is buying or installing for free. Here are several simple common-sense tips: The first step is to visit the site of the company that produces this product. Look it through. Read "about us" section. How long does this company exist? Ignore "testimonials" - there is no guarantee that it wasn't the company's PR manager who wrote them. It would be better to search, say, Google groups for opinions. A good old background check will also do a lot of good. It takes some time, though - but peace of mind later is worth half an hour's browsing the Web now. The simplest way is to search for the product's name along with such words like "installs", "spyware", "adware", "popups", etc. There are even lists of suspicious, low-performing, or adware-installing products. See, for example, http://www.spywarewarrior.com/rogue_anti-spyware.htm - an ample list of anti-spyware you'd better not buy. By the way, the whole this site is worth studying thoroughly. The fact that you are not a tech person doesn't mean you can afford not knowing the basic principles these products are based on. What a user can expect from an anti-spy product and what is simply impossible? Most anti-spyware products apply signature databases, i.e. rely on simple pattern-matching technique. Detecting spy software is the crucial step of the whole process - all the protection depends on whether the anti-spy software is able to detect as many malicious programs as possible. The bigger the database is and the more often it is updated, the more reliable protection the product will provide. Signature base, which most anti-spy products depend on, is actually the "list" of signatures - small pieces of spy programs' codes. Anti-virus or anti-spy program actually scans the system and compares its codes with those in signature bases. So, in this case only the spies whose signatures already are in the base will be detected and eventually "caught". As long as anti-spy software is regularly updated and the system doesn't come across some unknown spy product, everything is all right. The problem is that there is good deal of people capable of creating something brand-new, unknown to anti-spyware developers. The period of time when a new spy already exists, but the updates have not been released yet, is the very time when cybercriminals make their biggest profits. The advantage of signature base analysis is that programs based on this method of detection can be of wider range - it is possible to include signatures from different types of spyware and adware into a single database. However, regular release of updates for these bases becomes crucial. If the developer fails to do it properly and on time, there is a considerable risk for such a program to become "Jack of all trades and a master of none." The conclusion is simple - if a product applies signature database, it's better to choose anti-spyware with the biggest and most frequently updated base. Don't expect absolute protection - with this technique it is simply unattainable. But in case of information-stealing programs, like keyloggers or keylogging-containing Trojans, a single "overlooked" program may mean lost valuable data. Since signature analysis can't ensure protection against constantly appearing brand-new keyloggers, blocking the very process of keylogging would be better. Such a technology already exists, and it may be the next step towards more reliable protection against the most malicious types of spy programs. Alexandra Gamanenko currently works at Raytown Corporation, LLC - the independent software developing company, which created the technology capable of blocking the very process of keylogging. Visit its website: http://www.anti-keyloggers.com
MORE RESOURCES: Canadian software could be in Donald Trump’s sights for tariffs, technology lawyers warn The Globe and Mail Australia bans government use of Kaspersky software due to ‘unacceptable security risk’ - TechCrunch Auto industry in 'bit of a panic' to comply with China connected vehicle software ban - Detroit News Chip design software maker Cadence revenue skyrockets with AI demand Manufacturing Dive U.S. Export Controls On Software License Keys The National Law Review DJJ implements Scrap Dragon software Recycling Today News: Embedded Software Security Newsletter | Wibu-Systems USA A3 Association for Advancing Automation Waud Capital Partners Announces Next Chapter of Strategic Partnership with Software Veteran George Ahn PR Newswire Lucid Dream Software Wants To Bring the Blockchain to Print Companies Advertising Specialty Institute Best Financial Planning Software Of 2025 Bankrate.com For Greenville's Andrew Kurtz, Kopis' goal Is To Create Software 'Where It Doesn't Exist' Greenville News Board of Elections to upgrade software Sampson Independent Myths vs. Realities in Greenhouse Software Greenhouse Grower Agilysys Expands Sales Leadership, Adds Hospitality Software Veteran Dan Bell in Key New Growth Role Business Wire Vellox Group Unveils the Aviation Industry’s Most Unified Software Platform and Major Capital Investment AerialFire Magazine Ziehm to release new vascular surgery software at ECR AuntMinnie Europe Mack Trucks introduces automated software deployment Recycling Product News accessiBe Tops G2's 2025 Best Software Award for Content Management Software (CMS) Products PR Newswire A Look Back at E-commerce Software Stocks’ Q4 Earnings: GoDaddy (NYSE:GDDY) Vs The Rest Of The Pack Yahoo Finance Hyundai AutoEver's Vehicle Software Platform Achieves Top Global Functional Safety Certification PR Newswire Tech company sued for anti-religious software pricing WORLD News Group Warehouse software market to hit $10 billion by 2030, study finds Modern Materials Handling Safety and Innovation Challenges Intertwine in Medical-Device Software Development Electronic Design Unity Software May Have Bottomed Out In Q4, Setting It Up For A Return To Growth (U) - Seeking Alpha What’s Driving Automotive Software Development in 2025? Automotive IQ Australia Bans Public Agencies From Using Kaspersky Software BankInfoSecurity.com Australia bans government use of Kaspersky software over Russian espionage concerns The Record from Recorded Future News Software Stock Hits All-Time High Amid Generative AI Transformer Push, Eyes New Buy Point Investor's Business Daily Why Unity Software Stock Is Skyrocketing Today The Motley Fool Detect Threats, Notify Everyone, and Manage Incidents with Singlewire Software Campus Safety Magazine How Third-Party Logistics (3PL) Software Optimizes Shipping Programming Insider Xima Software Announces Strong 2024 Results, Expanded Market Presence and Enhanced Contact Center Solutions Longview News-Journal A.I. Is Prompting an Evolution, Not an Extinction, for Coders The New York Times Charting the evolution of mine planning software Mining Technology ez1095 ACA Software Offers Video Instructions for Upcoming Efile Deadlines Kilgore News Herald Software designed to provide diabetic patient education VA.gov Home | Veterans Affairs There are also software problems with the RTX 50! Overclocking.com Unity Software (U) Q4 2024 Earnings Call Transcript The Motley Fool 5 Best Custom Software Development Companies FingerLakes1.com Europe Contract Lifecycle Management Software Market, 2033 Market Data Forecast Best Project Management Software - 2025 Reviews & Pricing Software Advice |
![]() |
![]() |
![]() |
RELATED ARTICLES
Microsoft Great Plains Customization: Project Organization - International Business Example Microsoft Business Solutions Great Plains fits to majority of horizontal niches and clientele in the USA, Canada, Mexico, Latin America, U.K. Microsoft CRM Customization: Integration with Third Party SQL Application/Database Microsoft CRM - Client Relationship Management package from Microsoft Business Solutions was initially designed to be customizable with Microsoft Visual Studio.Net and one of its programming languages - C#. Keep Your Software Simple! A Review of EditPlus I like my software simple. If it's too complex or difficult to figure out, I don't use it. Great Plains Accounting Migration to Microsoft Great Plains - Overview for IT Specialist This is a short article, written in question/answer/FAQ style to give IT Specialist/developer/programmer balanced top level information on Great Plains Accounting migration to Microsoft Business Solutions Great Plains. If you have Great Plains Accounting as main accounting and ERP system you need to know some technical details on the migration to Great Plains and what is going on behind the scenes. The Dreaded Paper Label - Should it be Used? While paper labeling CDs and DVDs may appear to be a cost effective solution for printing on your media, there are solid reasons why you should consider other options.1) Hand application of paper labels can be time consuming and frustrating. Great Plains Dynamics/eEnterprise Upgrade - Things to Consider and FAQ If you have Great Plains Dynamics/eEnterprise (version 6.0 or earlier) and support it for your company then you need to know some technical details about Great Plains version upgrade and what is going on behind the scenes, which options do you have in case of Dexterity, VBA, SQL customization, additional complexity comes with migration from ctree/Pervasive to MS SQL/MSDE. Spyware, Adware, etc. -- Terms and Common Sense When reading an article where some term is used often, it is useful to make sure the author of the article and you mean the same. Not surprisingly for those who still remember English lessons at school, every noun ending with "ware" is a mixture of objects having something in common--usually used for similar purposes. Microsoft Navision Integration with Microsoft RMS - Overview for IT Specialist Microsoft Business Solutions Navision serves both European and American megamarkets. It was originally written by Denmark-based Navision Software in its own proprietary language C/SIDE (Client/Server Integrated Development Environment). Crystal Reports for Microsoft Great Plains - Overview for Developer Microsoft Great Plains is main accounting / ERP application from Microsoft Business Solutions, targeted to the US market.� It serves the whole of vertical and horizontal market: most of the industries and company sizes. Are You Waiting for Microsoft Longhorn Operating System I love new technology. I am still ready to wait long for Longhorn. Ukraine: a Prospective Player on the World Software Outsourcing Market The destruction of the Soviet Union about 15 years ago, made a huge country with a great level of IT science divided into small bricks. Nowadays, despite Russia's expansion into the world software development market, Ukraine keeps playing an important role here too. Software Process Improvement -A Successful Journey Background:For many organizations like ours, the interim target of achieving ISO 9001 or CMM levels is a daunting task. Discipline is no fun -Organizations readily acknowledge that striving to address projects according to ISO 9001 or CMM guidelines requires the creation of new procedures. Microsoft Great Plains Inventory Control - Overview For Consultant Microsoft Business Solutions Great Plains is marketed for mid-size companies as well as Navision (which has very good positions in Europe and emerging markets where it can be easily localized). Great Plains Inventory control is pretty robust and here we would like to give you highlights on standard functionality as well as what could be added to its standard features. Inherent Dangers Of File Sharing Via The Internet. Cyberspace has opened up a new frontier with exciting possibilities of "File Sharing." We can explore any interest imaginable and research any topic of choice. How To Make Good Use of Spreadsheets Most computer users use spreadsheets software such as Microsoft Excel in their daily home and office. However very few are aware of the potential of spreadsheets in helping them in financial accounting and statistical analysis. Microsoft Blues With the advent of 'Service Pack 2' for Windows XP operating system, Microsoft have really made the forums hum.Every forum on computer problems is replete with complaints that since downloading and installing 'SP2', many 'third party' applications don't work. Microsoft CRM and Great Plains Implementation: Freight Forwarding Business Automation Example Microsoft Business Solutions offers several ERP applications: Great Plains, Navision, Solomon and its own CRM solution - Microsoft CRM. Targeting to automate all business operations, Microsoft CRM is now integrated with Microsoft Great Plains and in the close future it should have integration with Microsoft Navision. Top Questions to Ask Before Buying a Help Desk & Asset Management Software #5 All your hardware components like Printers, PCs etc come under various maintenance contracts with different maintenance vendors. Do you know which batch of PCs are under warranty & for what number of PCs is the warranty about to expire (so that you can plan for an AMC)? Can you split up & tell how much AMC charges do you pay for each hardware component & how much for each vendor? Can you re-calculate the costs if an AMC with a vendor is to be renewed?#4 Typically your company gets hardware parts and accessories from different vendors. Lotus Domino/Notes - Microsoft Great Plains Tandem as ERP with Documents Workflow - Overview for IT Lotus Domino/Notes - Microsoft Great Plains tandem as ERP with Documents Workflow - overview for IT SpecialistMicrosoft Business Solutions has the whole spectrum of business applications, the good combination seems to be Microsoft Great Plains and Microsoft CRM. However we need to admit that Microsoft is relatively new in the CRM market and also for large corporation it could not be a good idea "to put all the eggs into one basket". Microsoft CRM Development Microsoft CRM is CRM answer from Microsoft Business Solutions.The whole conception behind CRM seems to be different. ![]() |
home | site map |
© 2006 |