1. INTEGRAL UNIVERSITY LUCKNOW Spyware Presented By- Sahibe
Alam
2. 2INTEGRAL UNIVERSITY LUCKNOW CONTENTS What is spyware Who is
spying How spyware operates Impact of spyware Risk of future
security incidents Common spyware forms Recommendations e 3/28/2017
3:02 PM
3. 3INTEGRAL UNIVERSITY LUCKNOW What is spyware 3/28/2017 3:02
PM Spyware is one type of malicious software (malware) that
collects information from a computing system without content.
Spyware can capture keystrokes , screenshots , web from data ,
internet usage habits and other personal information. The data
often delivered to online attackers who sell it to others or sell
it themselves.
4. 4INTEGRAL UNIVERSITY LUCKNOW3/28/2017 3:02 PM Who is spying
The people who use spyware include : Online attackers Marketing
organization Trusted insiders
5. 5INTEGRAL UNIVERSITY LUCKNOW3/28/2017 3:02 PM Online
attackers Online attackers primary interest in spyware is using it
to steal personal information for financial crimes. Such as carding
(illicit trafficking in stolen credit card and credit card
information) and identity theft. Or to sell that information to
someone else who then executes more traditional crimes.
6. 6INTEGRAL UNIVERSITY LUCKNOW Marketing organization
Marketing organization are interested in personal information such
as email address , online shopping and browsing habits. That can be
used to execute marketing campaigns like spam , browsers popups ,
homepage hijacking(changing the default web address for a users
browser). 3/28/2017 3:02 PM
7. 7INTEGRAL UNIVERSITY LUCKNOW Trusted insiders Trusted
insiders include those who have physical access to computer system
for legitimate purposes. Some examples are employs , contractors ,
temporary workers , and cleaning crews. For example an employee who
uses spyware to collect corporate information that can be sold in
underground economy used , for blackmail. 3/28/2017 3:02 PM
8. 8INTEGRAL UNIVERSITY LUCKNOW How spyware operates Spyware
tracks online activity looking for websites visited. Financial data
or identity data such as credit card numbers on screen or entered
into form field. When keywords of internet like names of banks ,
online payment system are observed , the spyware starts its data
collection process. 3/28/2017 3:02 PM
9. 9INTEGRAL UNIVERSITY LUCKNOW Impact of spyware Spyware can
cause people to loss trust in the reliability of online business
transactions. Similar to the problem of counterfeit currency in the
physical world , spyware undermines confidence in online economic
activity. Consumer willingness to participate in online monetary
transactions decrease for fear of personal financial loss.
3/28/2017 3:02 PM
10. 10INTEGRAL UNIVERSITY LUCKNOW Continue Even when financial
organizations cover an individuals loss from online fraud. these
costs plus the overhead required to administer loss prevention
programs are eventually passed back to customers in the form of
high service fees , interest rates. As a result , growth rates in
commerce are slowed , cost increase , and demand shrinks. 3/28/2017
3:02 PM
11. 11INTEGRAL UNIVERSITY LUCKNOW Risk of future security
incidents These sensitive information collected by spyware often
includes authentication credentials that may be used for future
access to the infected system. Once access is gained , additional
information theft or malware installation take place. Another way
spyware puts system at future risk is by installing backdoor access
mechanisms. 3/28/2017 3:02 PM
12. 12INTEGRAL UNIVERSITY LUCKNOW Common spyware forms Browser
session hijacking Browser helper objects Cookies and web bugs False
antispyware tools Autonomous spyware Bots 3/28/2017 3:02 PM
13. 13INTEGRAL UNIVERSITY LUCKNOW Browser session hijacking
This class of spyware attempts to modify the users browsers
setting. Hijacking spyware can be installed in various ways. These
redirects lead users to advertisements that earn the hijacking
commissions when they are visited. 3/28/2017 3:02 PM
14. 14INTEGRAL UNIVERSITY LUCKNOW Browser helper objects
Browser helper object (BHOs) are a feature of internet explorer
that can be exploited by spyware and they are not always easy to
detect. BHOs can access files , network recourses , and anything
else the user who launched internet explorer can access. Another
social engineering technique is inundating the user with repeated
popup request to install the software. 3/28/2017 3:02 PM
15. 15INTEGRAL UNIVERSITY LUCKNOW Cookies and web bugs Cookies
are small pieces of information stored on a users system by a web
server. During subsequent visits. often , cookies are used for
storing user authentication , preferences , and other type of user
information. They can be used to track a user across multiple
websites. 3/28/2017 3:02 PM
16. 16INTEGRAL UNIVERSITY LUCKNOW False antispyware tools
Applications available on some internet sites advertise themselves
as spyware detection or removable tools. In fact they themselves
are spywares. 3/28/2017 3:02 PM
17. 17INTEGRAL UNIVERSITY LUCKNOW Autonomous spyware Autonomous
spyware operates as a separate process or injects itself into other
processes running on your system. This type of spyware often starts
up when you log onto your computer and can frequently access
anything on your system. Autonomous spyware is malicious
application , it can be designed to perform any type of spying
functions. 3/28/2017 3:02 PM
18. 18INTEGRAL UNIVERSITY LUCKNOW bots A special class of
malware known as a bot or zombie is one of largest malware
problems. Bots are remote control agents installed on your system.
Once a system is infected with a bot , it become part of a the bot
network ( botnet) and is used in conjunction of other botnet
members. 3/28/2017 3:02 PM
19. 19INTEGRAL UNIVERSITY LUCKNOW recommendations Preventing
spyware from getting into your computer is your first step. Do not
download unnecessary software from the internet, specially free
ones because they most likely have spyware inside them. If a
download screen appears, asking you to confirm your download ,
click no if you not trying to install anything. Avoid clicking
advertised popups specially one that mention free stuff if
possible. 3/28/2017 3:02 PM