This post was originally published on November 12, 2019.
Identity theft affected nearly 15 million Americans in 2018, racking up 4 billion USD in losses. If you or anyone you know who’s been a victim of credit card fraud, it’s highly likely that the underlying cause was spyware.
What is spyware?
A form of malware, spyware refers to software secretly installed on your machine with malicious intent such as stealing private information, credit card details, browsing history, and more data points. It’s designed to be discreet; you probably won’t know that it’s operating in the background as it has minimal impact on system resources.
When we talk about spyware, it’s important to understand that the term could mean several different things. Let’s take a quick look at them.
As the name suggests, keyloggers track your keyboard strokes and aim to detect things like passwords, financial details, or even just to keep tabs on your internet usage. Employers can use them to keep an eye on employee habits while hackers use them for more nefarious purposes.
Pleased about that shady free software you just downloaded online? There’s a high chance it might spring a nasty surprise in the form of malicious adware.
Adware secretly installs tracking cookies in your browser and mines web browsing history. The aim is to collect a critical mass of data so that it can be sold to third-party advertisers. It could also inundate you with pesky pop-up advertisements until you’re forced to make a purchase. As they say, there’s no such thing as a free lunch.
Trojans are a form of software disguised to appear as safe, innocuous programs. However, they wreak havoc the instant you download and install them on your device—revealing your personal details to the person who wrote the source code.
When did spyware first appear?
The earliest references to spyware is widely believed to have originated in Usenet discussions in the mid-’90s. But it was only in the early 2000s that spyware caught the attention of cybersecurity firms, which recognized it as a real threat.
The first program designed to counter the harmful effects of spyware was released in 2000. Since then, the attacks have only grown in prevalence and magnitude.
How do I get spyware?
A common method that hackers use to spread spyware is by exploiting zero-day vulnerabilities in your device. These vulnerabilities, or ‘bugs’ in common parlance, are deficiencies in existing software that haven’t been identified or patched up yet.
Hackers constantly scan popular software for such vulnerabilities and, in many cases, can identify them before the company itself. Consumers themselves may also exacerbate this problem by declining to download security fixes when available. That’s why we recommend that you keep your device updated at all times.
Another preferred technique is the use of phishing and spoofing. This is when hackers persuade you to engage in an action that will give them access to your device. Usually, it’s in the form of a convincing email or even SMS that appears to be from a person or company you trust.
How to remove spyware
If you think you’ve fallen victim to a spyware attack, then the best course of action would be to stop all normal activity on your device until you’ve removed the spyware.
Start by running a deep system scan with your existing antivirus tool or other security software. If you don’t have an antivirus software yet, you can try Avast or AVG. These services scan for malware, provide real-time security updates, and alert you to suspicious downloads.
To remove spyware, you have several options:
- Use a spyware removal tool from a reputable developer (like Avast)
- Manually uninstall apps that appear to be suspicious
- Perform a factory reset on your device to restore it to its original state
To prevent spyware, adhere to security best practices
By some estimates, more than 350,000 new malware programs are created and released in the public sphere every single day. Antivirus tools certainly do their best to keep up, but it’s possible that a few will slip through the cracks.
As a general rule, you must ensure you stay one step ahead of cybercriminals. We mentioned earlier how it’s important to keep your device updated but there are other steps you can take too. For example, clicking on that email from the Nigerian widow promising you millions in unclaimed bank deposits isn’t a great idea.
Only open emails from addresses you know and trust. Try to avoid visiting strange websites, such as those that offer shady sport live streams or instant riches via online casinos. And don’t click on pesky pop-up advertisements. You could also go a step further and install an ad-blocker.