October 31, 2004 in Nation/World

Practicing safe clicks will prevent spyware

Anick Jesdanun Associated Press
 

NEW YORK – All Dennis McGrath wanted was to belong.

Just about everyone else in his chat room began displaying new kinds of smiley faces with their messages. So he downloaded a free program to get some, too.

Little did McGrath know he would also get a pesky toolbar that keeps reappearing no matter how he tries to disable it.

“When you go install something, a big window should come up with big letters and tell you in the first paragraph, ‘Here, we’re going to install this, this and that,’ “said McGrath, a former truck driver in San Jose, Calif.

Such tagalong software, generally known as spyware, is an especially tricky security threat because user carelessness is nearly always to blame. McGrath realizes he might have agreed to the toolbar in accepting a licensing agreement he didn’t bother to read.

Craig Herold, a retired phone company employee in Fort Wayne, Ind., allows that software developers may have the law behind them when they include consent within the licenses, but “everything that is legal is not necessarily ethical.”

At one point, he broke his computer trying to remove spyware himself. It took three technicians at the local repair shop to figure out how to restore his machine.

Indeed, some repair shops blame spyware for more than half the trouble they’re seeing. At Dell Inc., spyware accounts for 15 percent of service calls, up from 2 percent in August 2003.

And it comes down to the same reason: Users don’t know better.

Not that spyware developers make it easy on them. Many ride on the same techniques that legitimate software like Macromedia Inc.’s Flash use to get onto machines.

“People are just so used to clicking OK, OK, OK,” said David Purcell, owner of PCTechBytes in suburban Philadelphia.

Spyware is the first thing technicians look for when customers visit Purcell’s shop. And in 20 percent of spyware cases, he said, the problem is so bad that it’s easier, and cheaper, simply to reformat the computer’s hard drive and start from scratch.

How can users avoid spyware?

For one, they should read licensing agreements that come with free software. Many will name programs that tag along. For more details on what such programs do, try typing their names into a search engine or a spyware database like SpywareGuide.com’s.

“If they would read the end-user license agreement, they would prevent 80 percent of the spyware,” said Andrew Newman, co-founder of Giant Company Software Inc.

Also, keep Internet Explorer security settings at medium or higher so prompts will warn you of so-called drive-by downloads. Read those prompts carefully. Alternative browsers like Opera or Firefox or even alternative platforms like Mac computers can reduce risks greatly.

Some spyware bypasses such prompts entirely by taking advantage of known flaws with Internet Explorer or the Windows operating system. Get the latest security updates from Microsoft Corp. Installing the Service Pack 2 update for Windows XP computers should give users more warnings.

Users should also scan their systems regularly using one of a number of spyware scanners and removal tools, many of which are available for free. Be sure to obtain the latest definitions before running a scan, and try more than one because the tools vary in what they catch.

Dell Inc. and the nonprofit Internet Education Foundation recently launched a spyware education campaign. Video tutorials and other tips are available at getnetwise.org.

Teaching users safe practices won’t be easy, but it’s not impossible, said Neel Mehta of Internet Security Systems Inc. Though it took years, he notes, users today are more cautious about e-mail attachments that contain viruses.

© Copyright 2004 Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.


Thoughts and opinions on this story? Click here to comment >>

Get stories like this in a free daily email