Spyware have its main purpose is to gather information and send it back to the attacker, well, to
spy. The attackers don’t generally want to cause damage directly, but want to
compromise your privacy and anonymity based on some agenda they’ve got. Spyware
is intelligence gathering malware.
For example, a rootkit can also be a Trojan horse, someone could call spyware a
virus. The point is just to understand the variants that exist and the possible purpose
of the malware.
Adware, which some people consider it to be a form of spyware. Is
undesirable software that forces advertisement on you. There are millions of different
variants of this. One of the most annoying and destructive form of adware is called
Cool Web Search. You may even have encountered it yourself, but there’s nothing
cool about it at all.
Know Your Enemy - The Current Threat and Vulnerability Landscape
It hijacks your default search engine, it displays ads in the browser, when you click
on links, it sometimes takes you to places that it wants you to go to instead of where
you want to actually go to, and it actively defends itself from being removed and
getting rid of it. So it’s particularly hard to shift. And there are many, many variants
of it that have affected millions of people.
When an adware or malware takes over your browser in this way, it’s known as
Browser Hijacking, and you might hear that term more throughout the course.
You should always pay particular attention when installing software because often,
a software install includes optional installs such as this browser hijacker that we’ve
just mentioned. So you can see here optional installs. And what you’ve got here is
installs that are going to be potential adware. So be very careful what you agree to
install.
Always opt for the custom installation and deselect anything that is not familiar,
especially optional software that you never wanted to download and install in the first
place. It goes without saying that you should not install software that you don’t trust.
Sometimes your device might come with adware preinstalled if you're particularly
unlucky. One of the worst cases was Lenovo preinstalling Superfish adware that not
only served you adverts based on what it knew about you from spying on you, it also
included a self-signed certificate allowing your browser TLS and SSL encryption to be
bypassed. So not very good of Lenovo there. In fact, I will never buy a Lenovo laptop
again because of that and all the rest of the things that Lenovo had done.
Scareware is a type of social engineering attack to trick a person into
believing in a threat that isn’t really real. So a common example is fake security
software claiming that you have malware infections or something like that. Often they
want you to pay something in order to fix the fake problem. These scams have been
extremely successful.
You can see here Personal Antivirus Software. It’s identifying all of these fake
vulnerabilities. And then it’s going to keep popping up, it’s going to keep causing
problems on your machine, and then people are fooled into paying for something to
remove the fake viruses.
And finally we have this catch all term. If it’s something that you might not have
wanted, these are called Potentially Unwanted Programs, or PUPs.
They’re called potentially unwanted because the antivirus companies and people
that attempt to remove these things aren’t quite sure whether you want them or not.
Most often, you don’t want them.
They’re annoying; the things that are bundled in with software. So again, they are
often bundled in with the software when you install, so you must make sure when
you install software, you go through the custom install and make sure you remove
any of these PUPs.