|
Spyware Taps Into Your Personal Information And You May Be Consenting To It...
When you click the I AGREE button, you may have just agreed to spyware. You better understand what the Terms and Conditions are that you just agreed to. My wife, a customer service agent for 33 years, gave me the thumbs down on this page. "Whom are you talking to"?, she asked. "No one wants to know all this. All you have to do is tell them it's a great service and all they need to know is how to turn their computer on or off. If they have any problems, call tech support. That's it, they don't have to worry about anything. It's hassle free." Okay, for those of you who only need to know that, then go here and protect your family, yourself, and/or small business. The following is a great deal of content on spyware. As a matter of fact, the entire website is an over-delivery of content regarding Internet security. It's more than most of you care to know about, but I've taken the time to provide it for those of you who are interested. That said, here's the bottom line...if you want to be on the Internet, it's going to cost you money. You've paid for your computer, your software, your periphial hardware, and your Internet Service Provider (ISP), not to mention future repairs. None of us have paid to be spied on, but that's what's going to potentially cost you more than all the rest combined. The off-the-shelf security products are a billion dollar industry and they're falling incredibly short of protecting the consumer from the cybercriminals. If they worked, we wouldn't have a 400 billion dollar cybercrime industry. For the most part, the off-the-shelf programs or free downloads from the Internet are grossly inadequate and provide nothing more than a false sense of security for the general public. Bottom line-- spend your money on something that will give you a return-on-investment (ROI). You are already spending money on inadequate software (in the first half of 2006, spyware infections prompted almost a million U.S. citizens to replace their computers [Consumer Reports, State of the Net 2006]). Forty percent of computer crashes are caused by malware and, if your lucky to catch the problem before the crash, it will cost you an average of 100 dollars to take it in for repairs. And these are not the true cost for repairs--loss of time and the use of your computer are. Unless you are an IT, chances are you've never been exposed to a managed security services (MSS). Why would you? Until recently, it's only been part of the corporate world and too costly for the grneral public. I'm getting off the subject of malware, so here is a quick wrap-up. Managed security service is a service that provides all your security needs (for families and small business owners) for less than the true cost of buying all your off-the-shelf retail security software products. This managed security service is the best service and solution to combat a pervasive and pandemic problem. This service provides an Enterprise (professional) best-of-breed world class technology coupled with unlimited technical support for whenever you think there's a security issue with your computer. All you do is pick up the phone and call your security technician who will do a remote access and fix the problem without you having to leave your home or office. This is a critical aspect in maintaining pro-active maintenance. The resistance to call for help due to financial constraints is removed. An additional benefit of managed security is the personal comprehensive Identity Theft policy valued at 25 thousand dollars (underwritten by AIG) for both the customer and his/her spouse. There is a lot of wisdom in having experts handle all your computer security needs. Remember, security will never be 100 percent effective, so when you do get infected with a piece of malware, your security tecnnician is standing-by to remove it and restore your computer. Oh, and by the way, there is never any charge for upgrades or updates. There are more benefits to the service, but these are the critical components. Join us and our launch of the Cyberhood Watch Program and enjoy a hassle free and safe computer experience. Learn more about your computer security and a managed security service. Of all the malware, spyware has emerged as one of the most serious scourages of the Internet. It is by far the most pervasive intrusion perpetrated on unsuspecting individuals. Most malware is placed on the computer without the knowledge or consent of the system's (computer) owner, and, by definition, to be considered spyware it must collect data undetected and transmit it back to an unauthorized party. Staggering numbers of consumers' computers (estimated to be greater than ninety percent) are likely infected with malware and the consumers have no idea that their computers are infected. Today, a system can mean more than a computer, it branches out to include mobile devices as well. How many millions of those infected with malware don't even realize they have contractually agreed to be spied on? Many have given permission to be observed and watched, permitted the tracking of their habits, their personal tastes, their desires and behaviors, their friends, and their preferences-- everything, all gathered, calculated and profiled. Every move made is being recorded, logged, stored, and made available for sale or shared with countless others for a price. When an individual clicks on the "I Agree" button to the End User License Agreement (EULA), he or she better know what's been agreed to. This is the reality of cyberspace; individuals like you and me are violated on a regular basis, and most of us are individuals who have agreed to the EULA. All these data are then transmitted back to the authors of the malware who will either sell it to others or use it for themselves to commit financial crimes, send spam, execute marketing frauds, or steal identities. Make sure your computer is free of spyware and hacker tools. Take a moment and run a test (no charge). Don't worry, there are steps you can take to assure as well as insure that your family, yourself, and/or your business is protected. I'll show you how you and your family can enjoy a hassle free and safe Internet computer experience, but, first, let me finish telling you about spyware, its history and all its insidious workings. If you know all about malware and understand the importance of protecting your personal information, then go ahead and validate the security of your computer with the above test and then check out the value of a managed security service. Spyware first appeared around the 1980s when keyloggers were first discovered on computers at university campuses. However, it definitely made its appearance in late 1990, specifically December 1999, and, like the Grinch, it arrived just in time for Christmas. As a matter of fact, it was introduced as an innocent yet unsuspecting game that took the Internet by storm. It was a silly little elf game called "Elf Bowling"; unfortunately, the only trouble was the silly little elf game was loaded for bear and with plenty of spyware. It was, in fact, a stealth program that reported information back to its authors. That was the Grinch's gift for the "New Millennium". The first use of the term "spyware" occurred October 17th, 1994 in a Usenet post as a facetious reference to Microsoft's business model. In early 2000, however, Gregor Freund, founder of Zone Labs, referenced the term spyware in a press release introducing ZoneAlarm's Personal Firewall. It was Steve Gibson, founder of Gibson Research, who developed the first anti-spyware in early 2001. He developed "OptOut" when he discovered that adware that had been developed by Aureate (later Radiate) and Conducent had been installed on his system without his consent or knowledge. Let me tell you a short story that illustrates just how insidious a hacker can be. The incident happened to one of our "Security Advocates" whose story to this day still intrigues me. She ran a business that required her to catalog pictures of retail products shown on her web site and so she decided to purchase a new digital camera. The camera (a well-known brand name) was purchased online from a mega online auction store. She unpacked the bright yellow box, installed the software and went about taking pictures of her products. It wasn't long before her computer started to crawl to a halt and computer lock-ups became frequent. After several unsuccessful trips to the repair shop costing several hundred dollars, the techs remained stumped about the cause of the problem, other than the computer was infected each time with nasty spyware. She was about to call it quits and buy a new computer when she learned from a friend of a managed security service called "Invisus" that was available for the first time for families and small business owners. With nothing to lose (30 day money back guarantee), she subscribed to the service, called technical support (unlimited calls for subscribers), and they went through her computer (remote acess) with the fervor of salmon returning to spawn. What they discovered was the software she had installed from the new digital camera had been altered and malware had been installed on the installation disk. As it turned out, the hacker who was selling the cameras (at a reduced price) was altering the installation disks by adding spyware (keyloggers) to capture passwords. The hacker then accessed bank accounts and was stealing from those who had purchased the cameras. He then turned around and bought more cameras to sell online with infected installation disks. This hacker wasn't the first and only ingenious cybercriminal out there. However, had this client been protected with the "Invisus" managed security service that she now has on her computer (best-of-breed Enterprise technology software), none of this would have happened. The problem is not getting better as indicated in the conclusion of the January 31, 2007 meeting of the Cyber Security International Alliance (CSIA). In the annual report of the 2007 Agenda for U.S. Government Action and the Federal Progress Report for 2006, CISA received grades of C- and D overall, respectively. Liz Gasster, acting executive director and general counsel of CISA indicated that she was "discouraged by Congress' inability to pass comprehensive federal law to protect sensitive personal information, even in the face of more than 100 million Americans having their data records exposed".
You've spent good money on your computers so why treat them as disposable items. If you are not proactive to eliminate malware from your computer, then you are definitely depleting its useful life. That doesn't mean loading up your computer with all kinds of free security software that may not be compatible. There is a lot at stake and you need good quality technology like enterprise grade level best-of-breed technology that runs seamlessly. A computer that is infected or overloaded with free or cheaply written software will run poorly and will shorten the life of the unit. Many of the free spyware programs are written poorly and do not integrate well with each other as well as with the operating system causing computer incompatibility issues and conflicts that put a strain on the system causing it to lock up and crash eventually causing the final dreaded "blue screen" of death. The cost of prevention and good maintainence is no different than regular maintenance on your car; go without an oil change and see what that does for your car. If you want your computer to last longer and perform better, then protect it with the best managed security service. It pays for itself in the end. The Federal Trade Commission (FTC) listed the ill effects caused by spyware:
2. Slowed computer performance, sometimes resulting in crashes 3. Changes to the browser's homepage 4. Unanticipated tool bars 5. Unanticipated icons in the Windows system tray at the bottom of the desktop screen 6. Certain keys being rendered inoperable 7. Random, haphazard error messages 8. A hijacked browser, i.e., the browser program goes to websites other than those directed by the operator Once spyware has found its way onto your computer, the difficulty in removing its applications is a hallmark event. First, the malicious code prevents the Windows program from registering the program, which, in turn, render the Add/Remove Programs non-functional. Second, since the programs were placed without the intention of being removed, it would make sense there wouldn't be an uninstaller. Third, the downloaded payloads can be as many as 4,000 installed files as part of the applications which can then insert as many as 2,000 registry changes. Fourth, file and folder names will be changed on an ongoing basis to evade detection and removal. Finally, "tickler" files are left behind which are capable of re-installing the program in the event the spyware program is detected and deleted.
* For seven consecutive years, Identity Theft has topped the U.S. Federal Trade Commission's annual report on consumer fraud complaints. Of those 674,354 complaints received, thirty-four percent (242,767) were attributed in 2006. (FTC's Consumer Fraud and Identity Theft Complaint Data, Feb., 2007) * Americans lost approximately 49.3 billion dollars in 2006 to criminals who stole individuals identities. (Javelin Strategy and Research, Jan., 2007) * Small to medium-sized organizations have "major problems" with spyware representing forty percent of all security downtime costs. * Large U.S. organizations lose an average of 2.2 percent of their annual income, which equates to more than 30 million dollars, to security attacks. (Infonetics Research's Costs of Network Security Attacks: North America 2007) * Over the next two years, it is estimated that twenty to fifty percent of companies will become infected with spyware. * By 2008, forty percent of organizations will be targeted by "financially-motivated cybercrime". (Gartner, IT Summit, Sept.,2006) * The FBI estimates all types of computer crime in the U.S. costs industry about $400 billion dollars while, in Britian, the Department of Trade and Industry stated computer crime had risen by fifty percent over the last two years. (Reuters, Sept.,2006) * In the first half of 2006, spyware infections prompted almost a million U.S. users to replace their computers. * One out of eight surveyed had major and often costly problems due to spyware. * The economic fallout per incident was one hundred dollars, with damages totaling 2.6 billion dollars. (Consumer Reports, State of the Net 2006) * Two-thirds of consumers that use the Internet for financial transactions are extremely or very concerned about giving out their personal or financial information to a fake website and of hackers stealing financial information from their computers. * Sixty-seven percent of those surveyed could not indentify a secure website. (National Cyber Security Alliance, 2006 Online Fraud Report) * Eighty-one percent of home computers lack core protection (updated anti-virus software, a firewall,and spyware protection) * Thirty-eight percent of home computers lack any spyware protection software. * Sixty-eight percent of users keep sensitive information, like personal correspondence, professional records, and financial information on their home computers. * Seventy-four percent of users rely on the Internet for sensitive transactions from their home computers, such as banking or reviewing personal medical information. (National Cyber Security Alliance, 2005 Online Safety Study) * Sixty-five percent of European and American respondents, on average, have experienced security problems, like viruses and spyware. * One-in-six has had his/her personal information lost or compromised. * U.S. consumers are more worried about identity theft and fraud than any other security concern, even personal safety and terrorist attacks. (CMO Council 2006 Consumer Audits)
Given the magnitude of the malware problem and recognizing the insidious nature and damage inflicted on individuals and businesses and the erosion of consumer confidence, the 109th Congress session, in 2005, proposed spyware-specific legislation to help regulate these issues. The proposals were the Securely Protect Yourself Against Cyber Tresspass Act ("SPY ACT"), the Internet Spyware Prevention Act of 2005 ("I-SPY"), the Software Principles Yielding Better Levels of Consumer Knowledge Act ("SPY BLOCK"), and the Enhanced Consumer Protection Against Spyware Act of 2005. Whether or not they become law, they provide for a better content-based adware and spyware installations.
Good detective work, or better yet, forensic science will shed some light on the motives and the authors of malicious code. According to (CERT), if you analyze and extract the data that the malware is collecting, it will provide insight and profile what catagories the perpetrators may fall into:
* marketing organizations * trusted insiders Marketers are more interested in the personal information to better execute marketing campaigns. Once they have profiled the online shopping and browsing habits, know their victim's personal keyword searches and trend-related information, what they are looking for is only a matter of providing it through spam, browser pop-ups, home page hijacking, all delivered to and through their email addresses. The trusted insider is one that leverages spyware to obtain information, then uses it to blackmail, sell it to competitors, or to gain acess to more valuable information. As I stated earlier, this malware has the ability to monitor any activity or piece of data on your computer as well as mobile devices, transient data, connected networks, faxes, printers, Tivo, 360 Game Boxes, etc. There is no data outside the reach of a malicious programmer. A malicious author collecting all that volume of data would find it difficult to mine for valuable information were it not for the fact that spyware has progressed and is now capable of filtering out all the noise and pinpointing precise targeted information. Who would have conceived that we would have freely placed the tool that allows "big brother" right into our living rooms and bedrooms.
Spyware has economic impacts as well as consumer confidence impact... Need to recognize the financial motives and remove them... Chess game...develop technical solutions to combat spyware and what happens...counter-response...improved spyware Remove the profit from spyware-related activities thereby reducing the value of spyware, which is better than trying to defend against spyware... Spyware defense...remove its profit...
|
