Security Sin 6 – “I scan for viruses, so my computer is safe from threats”

jjones | Guides | 19/12/2008 11:13am
No Comments

When you think of malware, it’s the computer virus that springs to most people’s minds, largely because of several high-profile outbreaks in the last 10 years. However, things have changed and viruses are no longer the biggest threat to your PC’s security. Spyware has replaced the virus as online public enemy number one.

If you haven’t heard of spyware, then it can be difficult to distinguish it from viruses, but the main difference is that spyware collects your personal data, effectively spying on your browsing habits. Once embedded on your PC, it can collect information such as banking and credit card data, online shopping details, passwords and other identity-related information. This data may be used by the hackers themselves, or it may be sold on to criminal gangs.

While the distinction between viruses and spyware can be blurred at times, it’s important to understand the differences in order to properly protect your PC. Unlike the destructive viruses that have dominated the headlines in the past decade, spyware is designed not to be detected, and lies hidden in parts of your PC not checked by the average virus checker. Instead of attempting to destroy your data and infect other computers to gain notoriety for the author, most spyware is designed to collect your personal information, and then pass it back to its creator.

Sergei Shevchenko, from security software company PC Tools, has had many years of experience in the security field, and has witnessed the evolution of viruses and spyware first hand. “With time, viruses evolved into spyware,” he explains. “Spyware is financially motivated software designed to blend into the system and run unnoticed for as long as possible by using advanced techniques.”

Unlike viruses, which aim to cause damage to your computer, spyware takes a more subtle approach, which evades the claws of simple virus checkers. Spyware masquerades as legitimate software to get past virus scans, and because it doesn’t act suspiciously, some virus checkers don’t pick it up. Some spyware goes even further than this and actually targets your security package and terminates its active processes, rendering it useless.

Defying detection

It’s not just your anti-virus software that’s affected by spyware, however. It can also hide from firewalls by injecting itself into legitimate parts of your system so that the malicious activity appears to originate from the system itself, and therefore avoid being shut down. This trickery is notoriously difficult to defend against, especially because the writers are constantly finding new ways to avoid detection. Spyware can continually morph its code or be updated via the internet.

“When a computer is infected with spyware, every keystroke, web site, password and online conversation can be monitored and recorded by the organisations that have installed the spyware,” Sergei says.

Maintaining good anti-spyware defence is the best way of avoiding infection, and this means adding to the simple virus protection you may already have. The reason is that spyware operates in a very different way to the traditional virus, and the value of your information is so great that the consequences are more important.

When choosing security software, it’s imperative that it can detect spyware behaviour, rather than simply matching strings of code. Behavioural techniques are used to detect other security risks, but it’s especially important when it comes to spyware, because writers tend to favour targeting a few PCs rather than hundreds of thousands, so they stay undetected in the wild for longer, because the code isn’t passed on to security companies as quickly. Packages such as PC Tool’s acclaimed Spyware Doctor with Antivirus have such detection methods, so your PC is totally protected.

Reader rescue

This month we helped reader David Burnige from Bordon, Hampshire overcome his spyware anxieties. David spent many years as an engineer for Philips Electronics and has plenty of computing expertise. David’s PC was well secured from viruses using a free solution that was perfectly adequate. However, when it came to spyware, David knew that his setup was lacking, so he called us in to help.

David’s need for spyware detection was apparent when we asked him about his PC habits. Internet banking and online shopping for bike parts make up a large part of his PC use; two usage models that spyware writers routinely target to steal information so that they can make some easy cash.

“I mainly use my PC for editing my digital photos, but internet banking and shopping are common tasks, too. I am concerned about spyware, but the security on my bank’s login page makes me feel particularly safe,” David said.

The first thing we did was to install PC Tools Internet Security on to David’s machine, and run a full scan of his PC to make sure it was clear of spyware. The package was ideal for David’s needs because it included the excellent Spyware Doctor with Antivirus program.

Fortunately, David’s PC was clear of spyware, mainly because of the care he takes when surfing the internet. He only downloads software from trusted sources, but despite his careful attitude, he has still encountered some problems.

“I have been experiencing an increased level of alerts recently, particularly from spam emails. I accidentally opened a spam email, which caused a series of pop-ups to appear on my PC at the same time, and my anti-virus software triggered a warning and quarantined a file,” he said.

Despite the lack of any spyware on
his machine, the scan revealed several adware trackers, which may have been a result of this spam email accident. David was lucky that this didn’t lead to a more serious situation, but in the future his PC would be ready for anything the internet could throw at him.

The many faces of spyware

Keyloggers
A small, simple program widely available on the internet, which records all the keystrokes made by a person and uploads the data to a location on the internet, which can be used to find out email account information and banking details.

Trojans
Programs that appear to serve a legitimate function, but in fact install dangerous spyware or viruses on your PC.

Hijackers
A method of hijacking your internet browsing. In some instances software makes changes to your registry that automatically redirects you to particular sites, and in other cases, malware writers can intercept your internet traffic.

Rogue anti-spyware
One of the most common types of spyware are alerts that fool users into thinking they are infected by spyware in order to persuade them to download a program to cure the problem. That software is then given permission to make unlimited changes to the PC.

Rootkit
A form of malware designed to conceal its presence both from the user and from security software such as anti-viruses, firewalls or host intrusion prevention systems. Rootkits are considered the most advanced form of malware because they represent a real challenge for security products to detect and remove.

Win security software worth £50

To make our campaign a success and fight back against viruses, spyware and scams, we need your support. Pledge that your PC is free of the seven deadly security sins, and you could win a copy of PC Tools Internet Security Suite, worth £50. We have 70 copies to give away and we will be selecting 10 winners every issue until January. Entrants will be rolled over each month so the sooner you pledge the more chances you have of winning.

Go to www.securitysins.com to find out more.

This entry was posted on Friday, December 19th, 2008 at 11:13 am and is filed under Guides. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a comment, or trackback from your own site.