Spyware, Scams, & Other Online Hazards
Do you know what evils are lurking on your computer? If you’re online, you’re at risk of a whole host of
online hazards. Programs called spyware and adware, as well as worms and trojans, may be doing bad
things to your computer (and to you) without your knowledge. This may sound like the stuff of fiction, but
these problems are much more widespread than most people realize – almost every student computer
brought in for repairs is infected with spyware, adware, and viruses. The dangers are real, and the bad
guys are getting more & more sophisticated with their tricks. Chances are that your computer has
already been infected with these things – they may even be helping criminals steal your identity!
What is it?
Most broadly, spyware is software with malicious intent – by design, it does something bad to you or your
computer. Usually, it gets installed without your knowledge, although it sometimes takes advantage of
the fact that most people click “I Agree” to software licenses without reading them. (So technically, they
may be giving permission for spyware to be installed.) It’s called spyware because it literally spies on you
to gather information. Adware is a specific variety that makes ads appear on your screen (those darned
pop-ups!), or drives you to advertiser web sites. There are other names for it, but spyware is the most
commonly used term.
Spyware infects millions of computers with the purpose of stealing your personal information, enabling
identity theft, hijacking your computer, tracking your online activity, and selling information about you
to anyone willing to pay for it.
What are the risks? Why is it bad?
Spyware does all sorts of things, ranging from the merely annoying to the downright criminal. It may:
use up your computer’s system resources, memory, & Internet bandwidth, making your computer
and/or Internet connection slow
delete, modify, or disable files, folders, programs, and essential Windows components and services
use worms, trojans, and “back doors” to open your computer to further invasions
use your computer to send spam – yes, really! It’s estimated that 80% of the world’s spam is sent
by “zombie” home computers infected with “spam trojans” which were installed by spyware or
conflict with other programs, causing your computer to crash or freeze up
hide the presence of other bad programs, and keep you from removing them
install “keyloggers” which record everything you type
steal your passwords, credit card information, & other personal data to be used for identity theft
monitor your web surfing habits and record the web pages you visit
relay any of this collected data back to its makers & sell it to other companies or bad guys
collect your e-mail address & make you the target of spam (junk e-mail)
pester you with pop-up ads, even if you have pop-ups disabled in your web browser
“hijack” your web browser and change your home page or redirect you to other sites without your
Spyware’s ability to do all of these things is a tremendous personal (and organizational) security threat.
It can lead to data loss, damage to legitimate software, impaired network performance, reduced
productivity, and, worst of all, identity theft.
How does spyware get on computers?
It may hide inside of another program’s installer: Many free programs install some form of
spyware, especially file/music sharing programs (e.g., BitTorrent, Limewire, Kazaa, Ares), but
St. Norbert College Technology Support Services page 1 of 6 April 17, 2009
also screen savers, games, etc. They may or may not tell you that they’re doing this; if they do tell
you, they will do so in the license agreement. They count on the fact that few people actually read
those license agreements.
It may be installed by a “drive-by download”: installed behind your back when you visit a web site
or click a link, especially advertising links or those that say you won something. In these cases,
you don’t even have to do anything other than visit a web site or click a link.
An e-mail or web site may make you think that you need to download something: For example, an
e-mail may say that someone sent you an electronic greeting card but that you need to download a
special viewer to see it, or a web site may say that you need to download a special “media player”
to view their site. Yes, there are legitimate instances of both these things - that’s what makes it
It may masquerade as something helpful, like a free virus scan or spyware removal program, or it
may present a security warning saying that you need to install some kind of patch to protect your
A virus or worm may infect the computer and open it to further attacks & secret installations.
How can you avoid it?
Don’t download free programs, games, screen savers, etc., especially file/music sharing
software. If you have kids, don’t let them install anything on your computer without your
knowledge. If you already have peer-to-peer (P2P) file/music sharing software on your
computer, uninstall it.
Don’t click on ads, offers, security warnings, or “you won!” alerts on web pages, especially
those that appear in pop-up windows.
Use spyware removal & protection programs to scan your computer for spyware and keep it
from being installed (details below). Unfortunately, there are unscrupulous people who
create fake anti-spyware programs that can make your problems even worse. See the next
section for details.
Don’t use Internet Explorer. Instead, use a more secure web browser like Firefox.
Before installing software (other than big name-brands like Microsoft Office, Quicken, etc.),
look online to see if it’s considered spyware.
Fake spyware removal programs
This is one of the worst scams of all. There are companies that produce supposed spyware removal
programs that actually are spyware! Many of these have anti-spyware-sounding names like Spy Deleter,
SpyKiller, and Spy Wiper, and come from what look like legitimate software companies, like a company
called Enigma Software Group that makes a program called SpyHunter. Some of these try to confuse
people by using names that are very similar to legitimate spyware removal products; for example,
SpywareBlaster is a legitimate spyware removal product, while SpyBlast is fake. Don’t install anything
unless you’re 100% sure it’s legitimate.
We strongly recommend using anti-spyware programs that can scan your computer for spyware, remove
it, and prevent it from being installed. There are several free programs that do basically the same thing,
but we recommend using more than one, as often one finds things the other missed. For links to download
these programs, see the Downloads page on http://www.snc.edu/techsupport.
Scams, fraud, & other dangers
Most spam conceals a scam of some sort. The ultimate goal of most scams is identity theft or credit card
fraud. Most scams are based on “social engineering” – getting people to drop their guard and do or reveal
things they might otherwise refuse. Everyone thinks that they’re too smart to fall for one of these scams,
but the bad guys are very good at what they do, and it works because people do fall for it. It’s so
successful that organized crime has even been linked to it.
St. Norbert College Technology Support Services page 2 of 6 April 17, 2009
“Phishing” is a new term for a trick that con artists have been using for years. The objective of phishing is
get enough of your personal information to access your account(s) and possibly steal your identity. The
scammers send e-mail that appears to come from a recognized business (America Online, eBay, PayPal,
etc.) or financial institution (American Express, Wells-Fargo Bank, etc.) with whom lots of people do
business. They often contain links to the company’s web site, where they ask you to log in and “verify”
(enter) your personal information (account number, date of birth, credit card information, mother’s
maiden name, etc.). However, that web site is actually a fake site run by the scammers, set up to look
exactly like the real thing, so whatever information you enter gets sent to the scammers.
Don’t fall for the scammers’ tricks! Always be suspicious. Stop & think before you click on any “security
warnings” or ads. Don’t follow the instructions or links in any e-mail message, no matter how legitimate
it looks. If you really think it might be legitimate, contact the business directly, preferably by phone. If
you go to a company’s web site, always type the address yourself, rather than clicking a link in an e-mail
message. Tip: If a site has a numeric address (like 22.214.171.124 instead of www.snc.edu), it’s probably a
Web browser security
Don’t use Internet Explorer
This may sound extreme, but one of the best ways to protect your computer from spyware & other
security attacks is to not use Internet Explorer (IE). That’s because IE – especially in its default
configuration – is much less secure and much more prone to threats like browser hijacking than are other
web browsers like Mozilla Firefox, Safari, and Opera.
We strongly recommend using Firefox as your primary web browser. We believe that this browser is the
best choice, and we would like the College community to use it whenever possible. Unfortunately, there
are some web sites that are programmed to work only in Internet Explorer. When you run into a site that
doesn’t work properly in Firefox, use IE just for that site, then go back to Firefox. Only use IE when you
absolutely have to.
Browser hijacking is when a malicious spyware program or web site changes your browser settings, such
as the start page or bookmarks/favorites, without your permission, and often makes it so that you can’t
change it back. Why would anyone want to hijack your browser? To force you to visit their web sites so
that they can earn higher advertising revenues (on the web, advertisers pay based on how many people
visit the site or click their ad). Browser hijacking is a symptom of a spyware infection, and means that
you need to install, update, & run the anti-spyware programs mentioned earlier. Again, this is much less
likely to happen with Firefox than with IE.
Blocking pop-up windows
Pop-up windows are a common way that spyware gets installed on computers, by either getting people to
click on a link in a pop-up window that installs the spyware, or by exploiting insecure programming
features (mostly in IE). Fortunately, all of the newer web browsers now allow you to block pop-up
In Firefox, pop-up blocking is already turned on by default when you install the program. If it’s turned off
for some reason, go to Tools – Options – Web Features and check the Block Popup Windows box. Click on the
Allowed Sites button to add exceptions (sites from which you will allow pop-ups). To ensure that all SNC
systems such as Banner work correctly, add snc.edu as an exception by typing or pasting it in the box &
clicking the Allow button. When finished, click OK - OK.
Once you’ve blocked pop-ups in Firefox, a red, white, & blue “X” icon will appear in the lower right corner
of the window whenever a pop-up is blocked. If you want to allow/unblock that pop-up (sometimes you
St. Norbert College Technology Support Services page 3 of 6 April 17, 2009
have to in order for a site to work correctly), click on the icon and choose “Show...” to see just that one
pop-up window, or choose “Allow popups for...” to add the site to your exceptions list.
Pop-up blocking in IE is only available if the computer has Windows XP Service Pack 2 or later. The pop-
up blocker setting is under Tools – Internet Options – Privacy – Block Pop-ups. Click on the Settings button to
add snc.edu as an exception.
If you still get a lot of pop-ups even after turning on pop-up blocking, that’s a sign that the computer’s
probably infected with spyware, and means that you need to install, update, & run the anti-spyware
programs to clean it.
Other security measures
Protect yourself from viruses, worms, & trojans
Always use anti-virus software and keep it up-to-date. On campus, IT does this automatically on all
College-owned Windows computers on the network. The College’s license for McAfee VirusScan
permits SNC employees and students to install and use it on their personal computers for free. Anti-
virus software is useless if you don’t keep it up-to-date. Our version of McAfee VirusScan (v. 8.0 &
8.5) is configured to update itself automatically when you’re online. If you use some other anti-virus
software, set it to update itself or update it yourself at least once per week. If you use dial-up
Internet service and don’t go online very often, be sure to update it whenever you do go online. For
detailed instructions, see the Computer Viruses: McAfee VirusScan handout, available on our
web site at http://www.snc.edu/techsupport.
Configure your anti-virus program to automatically scan all e-mail, downloads, disks, and files. On
campus, VirusScan should already be configured this way on all College-owned Windows computers
on the network. When you install our version at home, it will already be configured this way too.
Never open any unexpected e-mail attachments. Be suspicious of all e-mail attachments, no matter
what type of file it is or who it’s from. (Viruses & spam almost always fake the e-mail “From” line.)
Even if you know and trust the person who sent the attachment, it may still contain a virus. If your
anti-virus program automatically scans all e-mail & downloads, and you always have the most
recent updates, you’ll be mostly protected, although you could still be infected by brand new viruses.
If you’re suspicious of an attachment, don’t open it. If it seems like fluff (jokes, etc.), just delete it. If
you’re not sure, you can always e-mail or call the person and ask them if they really sent it and
what it is.
Keep Windows & other software up-to-date
Microsoft frequently releases updates for the Windows operating system and Internet Explorer to
patch security holes and vulnerabilities that are found. By default, Windows XP checks for updates
automatically, although this feature may be turned off. To check or change this setting, go to Start –
[Settings] – Control Panel – System and click on the Automatic Updates tab, then check the box next to
“Keep my computer up to date.” On College-owned computers, these options are grayed out because
our computers are kept up to date automatically. If you don’t have Windows XP or later, then you
may not have the automatic update option, but you should still run Windows Update regularly. To
run Windows Update manually, go to Start – Windows Update (or open Internet Explorer and go to
Tools – Windows Update).
When you run Windows Update, you’ll have a choice of “Express Install” or “Custom Install.”
Choose “Custom Install” so that you can review and choose the updates before installing. Normally,
you should install all “critical” or “high priority” updates.
If you already have automatic updates turned on, then you probably already have all the latest
updates. On your office computer, do not install any Windows updates without checking with the
Help Desk first.
Ideally, to be as secure as possible, you should also keep all of your other software – e-mail
program, web browser, word processor, etc. – up-to-date as well, but this can be more time-
St. Norbert College Technology Support Services page 4 of 6 April 17, 2009
consuming. Some programs have automatic or “live” update features, while for others you may
need to start the process yourself from a menu option (look on the menus for the word “update”),
and still others require you to visit their web site directly and look for the updates. The update
settings for some common programs:
Firefox: To update, go to the Help menu and choose Check for Updates. To turn on automatic
updates, go to Tools – Options – Advanced. On the Update tab, check the boxes and choose the
Thunderbird: To update, go to the Help menu and choose Check for Updates. To turn on
automatic updates, go to Tools – Options – Advanced. On the Update tab, choose the desired
Microsoft Office: From the Help menu, click on “Check for Updates.” (Note: If Firefox is your
default browser, this won’t work right. Instead, open Internet Explorer, go to
http://office.microsoft.com, and click “Check for Updates”.)
If you have a wireless network set up at home, people you don’t know may be accessing it and using your
Internet connection! Before you say you don’t care, consider this: What if that person sharing your
connection commits a crime, such as hacking into a computer, spreading a virus, or putting illegal
materials on the Internet? You could get in trouble, because the activity would be traced back to your
Internet connection. In addition, that person may also be able to intercept your online transactions and
access files on your computer.
Most people who set up wireless networks in their homes don’t secure them properly, leaving their
connections wide open and themselves vulnerable to these dangers. The solution is to secure your
wireless access point. Because each wireless access point model is different, we can’t give specific
instructions here, but the manual for your wireless access point should have instructions for enabling the
following security precautions:
Change the administrative account password Change the SSID
Turn on WEP or WPA Encryption Disable SSID Broadcast
Any time your computer is connected to the Internet, whether you’re using it or not, it’s at risk from
hackers. With high-speed Internet connections like cable modem (RoadRunner) or DSL, the risk is
greater because the Internet connection is always on. (When you use dial-up Internet service, your
computer is exposed to attacks, but the risks are substantially reduced because with dial-up, you usually
only stay connected while you’re actively using the computer and the Internet connection.) To be as safe
as possible and protect your computer from hackers, you should use an Internet firewall regardless of
what type of Internet connection you use.
A firewall is hardware or software that helps keep out hackers, as well as some viruses and worms, that
may try to reach your computer over the Internet. It essentially creates a boundary that helps keep the
computer or network secure by preventing access by unauthorized users. Without a firewall, hackers may
be able to access your computer and do things like steal your passwords and other personal information,
install keylogging programs that record everything you type, or “hijack” your computer and use it to
spread viruses, send spam, or hack into other computers.
The easiest and most effective firewall solution is a piece of equipment called a router, which has a built-
in hardware firewall. The main purpose of a router is to allow more than one computer to share an
Internet connection, but routers protect those computers by essentially hiding them from the Internet.
Some of the companies that make routers for home use are Linksys, D-Link, Netgear, and 3Com. Most
wireless access points/wireless routers also act as firewalls, but make sure they’re configured securely
St. Norbert College Technology Support Services page 5 of 6 April 17, 2009
A software firewall is a program you install that watches all of the Internet traffic on the computer and
blocks or allows it based on your preferences. Software firewalls can be a bit annoying, especially at first,
because they warn you every time there’s any traffic, but once you get them “trained,” they’re not so bad.
The built-in firewall in Windows XP: Windows XP has a built-in “Internet Connection Firewall,” which
may or may not be turned on. This firewall provides only the most basic protection, and does not include
any additional security features. While it does a fairly good job of blocking unwelcome probes or attacks
coming in to your computer, it lacks the ability to control programs on your computer that are trying to
send information out, from your computer to the Internet. To turn on the Internet Connection Firewall,
see the detailed instructions on Microsoft’s “Protect your Computer” page at
Software you purchase/download: There are several software firewall or security packages that you
can purchase. Most of these are full security “suites” or packages that include, in addition to an Internet
firewall, things like content filters/parental controls, privacy controls, pop-up ad blockers, spam filters,
spyware/adware scanners, anti-virus software, etc. Some of the companies that make these products are
McAfee (mcafee.com), Symantec/Norton (www.symantec.com), and ZoneAlarm (www.zonealarm.com).
ZoneAlarm also makes a free, more basic version of their firewall. It’s hard to find on their site, so if you
want to download it, go directly to http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-
Additional web resources
Spyware Guide: http://www.spywareguide.com/
This site includes the Spyware Database (to find out if a program is spyware) & the Spyware Block
Spyware Information Center: http://www.pcpitstop.com/spycheck/
Spyware Warrior: http://www.spywarewarrior.com/
*PC Hell: Spyware Removal Help: http://www.pchell.com/support/spyware.shtml
*Removing Adware, Spyware and other unwanted “malware”: http://www.cexx.org/adware.htm
*These are more advanced sites which are useful if your computer is infected and you want to clean it
yourself. The pages are somewhat long and unruly (tip: press ctrl+f to search for a term on the page),
but they have links to lots of detailed information on removing many specific spyware programs.
Phishing Scams & Spam
Anti-Phishing Working Group: http://www.antiphishing.org/
FTC publications on Computers & the Internet: http://www.ftc.gov/bcp/menus/consumer/tech.shtm
Spam (FTC): http://www.ftc.gov/spam/
General Security & Identity Theft
Microsoft’s Security at Home page: http://www.microsoft.com/protect/
Identity Theft (FTC): http://www.ftc.gov/idtheft
Assistance and questions
If you have any questions or need more information, contact the Help Desk at (920) 403-HELP (4357) or
email@example.com. The Help Desk is for St. Norbert College students and employees only.
St. Norbert College Technology Support Services page 6 of 6 April 17, 2009