At first glance, the spyware issues may seem quite obvious and easy to avoid. Unfortunately, the hallmark of really good spyware is that you don't know you're about to become a victim until it's too late. As mentioned, although spyware is commonly associated with malicious Web sites, it quite regularly gets bundled with legitimate software by less than scrupulous developers. And just to really push the point home, many software developers include a clause in their EULA (End-User License Agreement) that prevents you removing the spyware if you want to continue to use the application. The eDonkey P2P client is just one example of this.

Although spyware tied to applications is relatively easy to avoid or disable, Web-based spyware is a whole different game, as discussed in the following sections.

Browser Hijacking

Web-based spyware usually targets security vulnerabilities within Web browsers to install itself and modify the browser's functionality. This is commonly referred to as browser hijacking. The most basic form of hijacking is home page hijacking. As the name implies, a Web site author can use JavaScript functions to set a browser's home page to any Web site he selects. Although this may seem pointless and nothing more than a minor inconvenience, if the new home page is full of syndicated advertising banners, the author can quickly generate a lot of money from hijacking Web browsers. If you're unlucky, the new home page is a malware download site that infects your computer.

This is probably the most marked difference between spyware and viruses: Whereas virus writers have to remain anonymous on threat of prosecution, spyware authors actively publicize and financially benefit from their malicious actions. The money they earn allows them to hire expert programmers to create more sophisticated spyware, perpetuating the cycle. There are a number of companies that actually provide spyware development services, and will create custom spyware applications to your specifications. It's a very thin legal line, but companies continue to try and follow it.

Spyware Categories

Economics drives the entire spyware industry, so it's no wonder that its creators want to make spyware as hard to remove and avoid as possible. The vast majority of Web-based spyware falls into one of three categories:

• Toolbar hijacks: The most common types. They place a custom toolbar within your Web browser that displays advertisements and tracks your Web browsing.
• Functionality hijacks: Prevents your Web browser and operating system from functioning normally. In some cases, they pop up application windows and advertisements on your desktop at random.
• Dialer applications: Forces your computer to dial premium rate and international phone numbers at random times.

It's often a fine line between spyware and legitimate software, because many spyware applications include useful functions. A good example of this is Alexa, which monitors the Web pages as you browse and displays links and advertisements related to the page content. Some users may find this a handy way to find related products and information, whereas others may consider it annoying and an invasion of privacy. Alexa is owned by Amazon.com, which does give it some legitimacy.