Spyware

Spyware is software which is installed without the user’s knowledge and may gather information about that user's internet browsing habits, intercept their personal data, and transmit this information to a third party. Spyware commonly comes in the form of:

  • Trojan horse
  • Adware
  • Tracking cookies

Trojan horse

This type of malicious software pretends to be a useful program while secretly performing another function, eg spying on a user's activities. Trojan software is often used to create a ‘Backdoor’ which will allow unauthorised access to the user’s computer without their knowledge. Users may download and install what they believe to be legitimate software without realising that a Trojan horse will also be installed.

Examples of Trojans might be:

  • Free online games that you can download. You can play them for free but they may be tracking your activity due to the inclusion of a Trojan horse.
  • Third party browser toolbars. These appear to add features to your web browser but in reality are usually tracking your online browsing habits through the presence of tracking cookies that were hidden within Trojan software.
  • The Trojan may download as part of another piece of software such as trial versions of less well known anti-virus software.

Adware

Adware is not always malicious. It is not uncommon for developers working on their own to agree to include advertising within the software that they produce. They can legitimately include adware software in their product. They will be paid to allow this to happen and the software will show adverts when in use.

However, adware can also be installed without the user’s knowledge or maliciously as part of another piece of software. Adware can be setup to gather information about browsing habits.

This information can be sent back to the person who created the malicious adware and is a security threat. When the adware becomes intrusive like this, then it is spyware. Adware installed with the ability to review browsing habits makes use of tracking cookies.

Tracking cookies

Cookies are text files that contain information about browsing habits, such as the website visited and the username used to access the site. They can also track things like the amount of time spent on a site, or the multimedia that was watched as well as user defined browser settings. Cookies are saved on your computer to reduce the load that would be placed on servers if this information had to be held there.

Cookies can be helpful for those using the same system to access the internet on a regular basis. Like adware, there are legitimate reasons to make use of cookies. They can make browsing seem less demanding by remembering preferences and usernames. This saves time the next time you visit a website.

However, there are ‘tracking cookies’ and these cookies are designed to send as much data as possible to external servers/third parties. Sometimes the tracking cookie is used for market research and no theft of data is intended but on other occasions programmers can set the tracking cookie up to send them usernames and personal details. As well as concern around identity theft, these cookies can be used to target users with personalised adverts.

Many websites contain legal disclaimers warning users of the use of cookies. On many sites, cookies are being used to try and enhance the browsing experience but there will always be those intent on setting up tracking cookies to steal information.

A graphic illustrating what a cookie is and what it does