Unlike adware and NonBizWare, there is little room for interpretation here: Malware rarely belongs on any system.

* Rogue Anti-Spyware: Finally, spyware itself has created an opportunity for rogue anti-spyware, programs like SpyAxe, Winhound, and Spy Trooper that use pop-up ads and scare tactics to convince users to download phony anti-spyware programs. When executed, many of these rogues generate "false positive" warnings that hound users into purchasing clean-up programs or paid feature licenses.

These are but a few of thousands of pieces of code congregating under the spyware umbrella. They illustrate that spyware is extremely diverse in delivery method, installed behavior and potential impact. These characteristics make spyware challenging to detect, and even more challenging to mitigate. In short, spyware is a complex threat that is most effectively addressed through multiphase, multi-layered defenses.

Phase One: Proactive Prevention

Spyware has a penchant for social engineering, from tricking users into clicking on fake pop-ups to bundling trojans with enticing shareware. We cannot depend on users to "do the right thing," but we can still benefit from spyware education. Many online resources exist, including StopBadWare.org, StaySafeOnline.org, CERT Cyber Security Tip ST04-016, and knowledge bases published by reputable anti-spyware vendors. But take care to avoid rogue anti-spyware; see www.spywarewarrior.com/rogue_anti-spyware.htm.

Spyware often makes its way onto a desktop through a Web browser. Secure browser configuration can help to stop hijackers and drive-by downloads. ActiveX controls are a spyware favorite; disabling unsigned ActiveX is a simple but valuable step. Disabling Java applets can also be helpful, but is more likely to cripple legitimate websites. These and other browser configuration tips can be found online, including http://cybercoyote.org/security/browsers.shtml.

Companies should disable user prompting, enforcing active content and plug-in settings with a desktop management tool like Active Directory Group Policy Objects.
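To check whether the unsigned-ActiveX setting described above is actually enforced by policy rather than left to a user prompt, the following PowerShell audit can be run on a desktop. It is an added example, not part of the original article. It assumes Internet Explorer's standard zone registry layout, in which zone 3 is the Internet zone and URL action 1004 is "Download unsigned ActiveX controls" (0 = Enable, 1 = Prompt, 3 = Disable).

```powershell
# Added example: audit "Download unsigned ActiveX controls" (URL action 1004)
# for the Internet zone (zone 3). DWORD meaning: 0 = Enable, 1 = Prompt, 3 = Disable.
$action  = '1004'
$meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Policy keys are written by Group Policy; preference keys are what a user
# changes through the Internet Options dialog.
$zone = 'Internet Settings\Zones\3'
$locations = [ordered]@{
    'Machine policy'     = "HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\$zone"
    'User policy'        = "HKCU:\Software\Policies\Microsoft\Windows\CurrentVersion\$zone"
    'User preference'    = "HKCU:\Software\Microsoft\Windows\CurrentVersion\$zone"
    'Machine preference' = "HKLM:\Software\Microsoft\Windows\CurrentVersion\$zone"
}

$report = foreach ($name in $locations.Keys) {
    $path  = $locations[$name]
    $value = $null
    if (Test-Path -Path $path) {
        # A missing value yields $null instead of an error.
        $value = (Get-ItemProperty -Path $path -Name $action -ErrorAction SilentlyContinue).$action
    }

    if ($null -eq $value) {
        $setting = 'Not set'
    } elseif ($meaning.ContainsKey([int]$value)) {
        $setting = $meaning[[int]$value]
    } else {
        $setting = "Other ($value)"
    }

    [pscustomobject]@{ Source = $name; Value = $value; Setting = $setting }
}

$report | Format-Table -AutoSize

# The article's recommendation: disabled, with no user prompt, enforced by policy.
$enforced = $report | Where-Object { $_.Source -like '*policy' -and $_.Setting -eq 'Disable' }
$prompts  = $report | Where-Object { $_.Setting -eq 'Prompt' }

if ($enforced) {
    'OK: unsigned ActiveX download is disabled by a policy key.'
} else {
    'FINDING: no policy key disables unsigned ActiveX download; the setting is user-controlled.'
}
foreach ($p in $prompts) {
    "FINDING: $($p.Source) leaves the decision to a user prompt."
}
```

The script only reports what each registry location holds; it does not compute which location wins when several are set.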
