What is spyware? How it works and how to prevent it

Spyware is used by everyone from nation states to jealous spouses to surreptitiously collect information and monitor the activity of people without their knowledge. Here's what you need know about this pervasive and creepy form of malware.

Spyware definition

Spyware is a broad category of malware designed to secretly observe activity on a device and send those observations to a snooper. That data can be used to track your activity online and that information can be sold to marketers. Spyware can also be used to steal personal information, such as account passwords and credit card numbers, which can result in identity theft and fraud.

"Spyware is really anything that's collecting—and possibly disseminating—information about the user without the consumer's consent," explains Josh Zelonis, a senior analyst with market research company Forrester Research. "Spyware is and will always be a popular method of collecting private information. We see it in banking Trojans, ad networks, jealous spouses, and companies crossing ethical boundaries by installing keystroke loggers as part of their 'insider threat programs. It's an incredibly broad problem that impacts everyone potentially."

Use of the malware seems to be on the rise. According to a recent report from security software maker Malwarebytes, consumer spyware detections increased 27 percent from 2017 to 2018. Business detections increased even more: 142 percent over the same period.

"It's a part of a trend back to traditional threats," says Jerome Segura, head of threat intelligence for Malwarebytes. “It shows that criminals are interested in stealing data from users," he adds. "Once they have the data, they can deploy additional malware on the system and create an additional vector for monetization."

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!