Spyware Making Presence Felt as Latest Emerging Internet Threat

Over the past few months, a class of malicious programs known as “spyware” has emerged as a new Internet menace. Spyware are programs which transmit information from your computer, such as browser history or other personal information, to a remote server. These programs are sometimes installed by unsuspecting users who do not realize that, say, the “free password wallet” also has a malevolent interest in which sites they visit while online. Alternately, spyware is sometimes installed in addition to a seemingly legitimate application, a fact which can be difficult to detect. Some unscrupulous spyware vendors now use popup ads to install spyware, generating windows that will automatically install the spyware if the user unthinkingly clicks `next.’ More recently, spyware has increasingly been installed on PCs by a fourth, far more insidious, method. Spyware authors have begun to use a combination of popup windows, as described above, and vulnerabilities in Internet Explorer, the most widely used Web browser, to covertly install these programs without any user interaction. While Microsoft has released patches for several of these vulnerabilities, new ones seem to crop up several times a week. These programs stretch the boundaries of spyware and can legitimately be considered “Trojan horses” rather than simple annoyances. Of course being proactive is the best way to protect your institution from future spyware attacks. To do so, consider the following preventative measures: Consider using a custom Web filtering policy to limit access to Internet resources. For example, you might block access to non-business-related Web sites such as shopping and news sites. You could also use Web filtering to block access to certain dangerous file types, such as .cab and .exe files. Though it’s not often used, increasing numbers of credit unions and banks are considering a default-deny policy on Web browsing, which prevents employees from visiting unauthorized sites. This method is very effective in protecting your employees from malicious sites. It is best to block first and ask questions later when the intentions of a particular Web site are in doubt. Patch! There are good reasons why you should keep your patches up to date. New Internet Explorer vulnerabilities come out all the time, and you can be sure that when a patch is available, someone is already using the vulnerability for evil. Don’t let them make you a victim! There are services out there that can help you with that. Run a spyware remover such as Ad-aware or Spybot regularly. Better yet, run more than one of them, as each has its strengths and weaknesses. Treat them like your virus scanner – ensure that they’re kept up to date with the latest signatures. Run up-to-date anti-virus software, too. While spyware programs aren’t technically viruses, more and more of them are getting close enough to the line that anti-virus programs are beginning to develop signatures to catch and remove them. If you lack the time or expertise to handle spyware and virus scanning, get help. If you do not use any Web applications that require it, consider migrating your employees to a different Web browser like Mozilla Firefox (http://www.mozilla.org/products/firefox/) or Opera (http://www.opera.com/). These browsers have significant functionality improvements over Internet Explorer, and have few to no security issues. However, not all Web sites function properly with browsers other than Internet Explorer, so significant testing is suggested before a full-scale migration. In conclusion, spyware is a large and growing threat that deserves careful consideration and countermeasures. Fortunately, while there is no way to completely eliminate your institution’s exposure, preventive measures are very effective in protecting you, your staff and your credit union.