When we think of spies, we might call to mind the suave, slick image of James Bond. Shaken and not stirred as he traverses the globe wooing women and defeating bad guys. The truth about your everyday spy is that they lurk behind webcams and keyboards, keeping track of everything you do online.
For its many victims, spyware can be devastating. In most cases, hackers bundle spyware with adware or other types of malware with the intention of invading your life – which could include everything from stealing your bank account details to recording you through your webcam.
Even more curiously, in 2016 a spokesman for the German interior ministry announced that the government had approved the usage of Trojans to monitor suspected citizens. The spokesperson said, “Basically we now have the skills in an area where we did not have this kind of skill.”
Before they use the malware, government officials will have to get a court order allowing authorities to hack into the suspect’s computer or device. The Trojan will let them monitor the user in real time, spying on them, and potentially stopping illegal acts.
But how does the average person get spyware?
Spyware can be caught in many different ways. It can be sent via email or downloaded by triggering a drive-by download (a type of download that runs covertly in your system so you might not even know it’s happening).
We look at twelve common ways that people can expose themselves to spyware.
1. Clicking on fake ads
Ever head over to a website only to be bombarded with flashing ads, massive download buttons, or images and animations of scantily clad women offering their wares? Don’t click them, tempted as you may be, as many of these ads are loaded with malware or link to sites that exist solely to give you something nasty.
Likewise, if you’re ever online and a site you regularly use seems to have more ads than usual, you may have caught adware somewhere by mistake. Don’t
click on any of these ads, as they may well be a portal to more malware.
2. Downloading torrents
Internet users are flocking online to download their favourite TV shows, but they might be getting more than they asked for as torrent files can be bundled with malware. Fake download buttons and ads are also a problem as they’re often on prominent display on torrenting sites. They’re often blatantly placed and massive to trick you into clicking them and unleashing havoc on your poor device.
3. Opening spam emails
Spam emails are dangerous. Often ridiculously over the top, many spam emails promise huge windfalls, extremity enlargement, and meetings with singles in your area. While these emails may go straight to your junk mail, spam does sometimes slip through the cracks and invade the safe space of your inbox.
The danger in emails is in the attachments or links. Often, spammers will include a few details in the mail to pique curiosity. It could be a very official looking email from a well-known brand or service telling a user that someone has recently used their account or a message from your bank talking about unverified payments. The concerned victim will click the link and be taken to a spoof version of the site that will look very real.
The poor victim will enter their login details or their bank account details and the spammer will suddenly have access to a very important part of their lives.
In some cases, the victim will get away with it and only end up on a site loaded with spyware or other types of malware – and that’s the best case scenario. The worst case scenario is much grimmer.
4. Visiting dodgy websites
Again, the trouble is in engaging with sites when you know you shouldn’t. Whether it’s adult content or a torrent site, you need to be very careful about what you engage with as you could find your computer or device loaded with all kinds of nasties.
5. Downloading bad software
Maybe you want to edit together some cute footage of your cats or your kids (or your kids with your cats) and you’ve gone on the hunt for good video editing software.
The problem with free software, especially for a complex activity like video editing, is that the developers want to make money from their product – and to do this they sometimes agree to bundle their software with other programs, browsers, add-ons, or malware.
You may think all you’re getting is video editing software, but you could end up with way more than you bargained for.
6. Not updating your antivirus software or operating system
Often, updates in antivirus software or your operating system are issued to patch vulnerabilities in past versions. Hackers trade in finding vulnerabilities in systems and exploiting them. So when your phone tells you an update is due, instead of rolling your eyes and continuing what you were doing, you should schedule the update so it’s kept safe.
7. Clicking on pop-ups or strange
Resist the urge. Just don’t do it. Yes, that pop-up or strange link is tempting, but is it really worth compromising your device, your safety, and potentially your bank account?
No, we didn’t think so either!
8. Triggering drive-by downloads
A drive-by download attack is particularly sneaky as all you need to do to start it is to visit or ‘drive by’ a website. You won’t even need to click or download anything as the malicious code will be hidden and will download in the background to your device. Terrifying!
In many cases, you’ll have no idea it’s happening unless you’ve installed antivirus software on your computer.
9. Not reading what you’re agreeing to
“I have read and understand the agreement” – or something to that affect. You’ve seen it before. You’ve ticked the box. You’ve scrolled right past several paragraphs without so much as scanning a single word.
While that will work out fine with reputable software from big name brands, it can get dodgy when you’re looking for pirated software, freeware, or software from a third party provider. With apps on mobile, the T&Cs are particularly important as you could be agreeing to sell your data – or allowing someone to effectively spy on you via your habits and tracking data. Yikes.
Just read the T&Cs. You’ll be glad you did.
10. Using an unsecure internet connection
Browsing on open connections or public Wi-Fi in your local café is fine if you aren’t doing anything important or if you’re on a device that doesn’t have anything sensitive on it.
However, using unsecure connections can open a whole can of worms as anyone could be watching what you do over the connection. Even worse, it could be a honey trap set up by a hacker with the sole intention of catching people out. Never bank online or send sensitive info over an unsecure connection and always connect to public networks using a secure VPN (Virtual Private Network) like Norton Secure VPN to encrypt the information you share.
11. Connecting to the internet without a firewall
Firewalls come with a lot of misconceptions. It’s sometimes a thing people do because they should. But why?
A firewall essentially works as a shield between your device and the cyber world. When you’re online, you’re constantly sending and receiving info in small units called packets. Your firewall keeps an eye on these packets to ensure that they meet a certain set of rules before they get past the wall and to your computer.
Firewalls – the unsung heroes of the digital world!
12. Not using antivirus software
An obvious one, but a fair point. Browsing the net without antivirus is like driving in a car without a seatbelt. While you might be fine, you’ll be glad you have it on if something happens.
A nasty case of spyware can wreak all sorts of havoc on your life. If you remember the info above and keep your common sense about you as you browse the net, you should be fine. While espionage might sound very cool, in the cyber world it’s not remotely fun for the poor victims.
Norton empowers people and families around the world to feel safer in their digital lives
Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc.