Not all spyware is malicious or blatant – the most common legal form of spyware are cookies.
What is spyware?
Spyware is software that install itself without your knowledge or permission with the purpose of monitoring your device or online activity.
How Does a Spyware Infect Devices?
There are many ways that a spyware can infect a device a few of them are:
- A user clicks on an advertisement – also referred to as adware
- It can be installed together with a legitimate software as a trojan virus
- An infected link can be used – which starts a hidden download and installation
What Kind of Information Is It Looking For?
It will be usually looking for user’s patterns, online behaviour, personal information, credentials, identification documents or any other information that might be used in their favour.
What Are the Kinds of Spyware?
Unfortunately as briefly mentioned before there are several kinds of spyware, and they serve different purposes. The most harmless of all would be cookies and super cookies used by many websites. A research done by W3techs shows that 36.8% of all websites created uses some kind of cookies, this means that they are tracking what users patterns and behaviours in such website. However, it is very hard to guarantee that they are not selling the data they gather from the users.
There is also the expected kind of spyware that is installed in a device without the user’s permission, and it tracks any kind of data that the attacker might want. It ranges from details of the machine and files, to showing offline advertisement.
Keylogging is a branch of spyware despite it being possible to be attacked by all kinds of spyware at the same time. Keylogging is when the malware stores information of what is being typed allowing the attacker to have access to username and password of the victim.
Who Are the Attackers?
The first thing that might come in mind is a hacker with years of knowledge, right? While that might be the case spyware can be applied to anyone with little knowledge on how to do so. It will only that a person in another’s close social circle to be curious of their password and have access by any means to their unlocked device for the installation of such malware.
But spyware can also be spread without a single target aiming to attack as many people as possible. Often when this is the case the attacker wants as much information as possible for selling or using is as part of another cyber-attack, such as social engineering.
And when it comes to super cookies – cookies that are able to re-create a person’s profile even after deleted – are often used by big brands, social media, or stores as user’s profiles are very important for them to understand their market. Also, in case the user re-creates the account all the information on their behaviour will not be lost, creating the need for a new gathering of information, allowing for personalised content can be shown straightaway.
Can You Protect Yourself?
Having in mind that no method is fool proof users can drastically reduce the chances of being a victim of spyware.
- Always check the source of the application can be trusted, which will reduce the changes of a trojan virus.
- Regularly scan for spyware
- Clean cookies with frequency
- Never leave devices unattended in public, and in case it is necessary remember to lock it