These days, possibly the biggest danger you face when you go onto the Internet is spywarea type of malicious software that can invade your privacy and wreak havoc on your PC. Spyware is a relatively new phenomenon; it does not have a long history as do viruses, Trojans, and worms.
Spyware is an umbrella name for many different types of malicious programs. But these kinds of programs have several things in common. First, all of them, one way or another, spy on your behavior. They may watch what web pages you visit, and report that information to a server or person, or may track your web searches. They may allow people to record every keystroke you make. They may open up a "back door" into your computer so that hackers can later take control of your PC when they want.
The second thing they have in common is that they install without your knowledge, or by tricking you. One common way they get on your PC is when you install a piece of software, such as file-sharing software. When you install that software, spyware often comes along for a ride, and installs itself without your knowledge, or misleads you about what the program actually does.
Unlike many viruses, spyware is not created for malicious reasonsit is there to generate cash. One kind of spyware swarms your PC with dozens of pop-up ads, and you most likely click some of them to close them. But every time you click, the spyware purveyor makes money, because he has a business arrangement with a merchant or website to drive traffic to it.
Another kind of lucrative Internet attacks is so-called "phishing"attacks in which you're sent an email from what appears to be a bank, financial institution, or commerce site such as PayPal, Amazon, or eBay, but in fact are forged sites.
The emails warn that you must log on to your account, perhaps to verify information, or perhaps to be sure your account does not expire. You're told to click a link to get to the site. When you get to the site, it looks like the real thing, but it's a spoof. Log on, and all your information is stolen.
Why has phishing become so widespread? Because it pays offbig-time. Fraudsters can make massive amounts of revenue by draining bank accounts and participating in identity theft.
While phishing fraud is widespread, it's actually not that difficult to protect against. Spam filters catch most phishing attempts, and some email programs, such as Outlook, now include built-in anti-phishing tools. Additionally, browsers include anti-phishing tools that warn you when you're about to go to a website that is most likely a spoof. Additionally, there are browser add-ins that you can install that fight spoofs and phishing as well.
But the best protection is the simplest: Never click a link in an email that claims to be from a financial institution, no matter how legitimate the email seems.
Because there is money to be made from surfing, phishing attacks and spyware aren't going away any time soon. But as you'll see in this chapter, anti-spyware can combat them, so there are ways to keep yourself safe, and protect your privacy.