Computing Services › Information Security Office › Training and Awareness › Be Aware › Spyware

Spyware

Spyware, also known as "adware," is software that sends information from your computer to a third party without your consent.

Besides secretly monitoring a user's behavior, spyware collects personal information, which could lead to identity theft. Retail companies use spyware to gather data about customers' Internet habits. Spyware may also redirect the web browser to malicious sites, allowing a third party control over the user's computer and the installation of additional harmful software such as viruses and Trojan horses.

Machines infected with spyware may experience:

Slow system performance
System crashes
Difficulty in uploading the web browser
Frequent display of pop-up ads and error messages
Diversion of the search engine and surfing activities
New icons appearing suddenly on the computer
Certain browser function keys that have stopped working

In case you experience any of the above symptoms on your computer, or suspect that your computer is infected with a spyware and/or other malicious program, please take the following steps:

Disconnect your computer from the network
Disable the wireless connectivity
Contact your departmental administrator, DSP consultant, or Computing Services Help Center at x8-HELP(4357) or it-help@cmu.edu.

Measures of protection:

To avoid infecting your computer with spyware, it is recommended to the take the following measures of protection:

Install and update anti-malware software (e.g. Windows Defender). Visit Secure Your Computer on the Computing Services website for instructions on downloading, using and updating anti-malware software.
Install and maintain a firewall. For instructions on how to configure Windows Firewall, or Macintosh, please visit the Computing Services Secure Your Computer.
Avoid opening attachments sent via email, chat-rooms, and text messages unless you trust the source of the attachment and the sender. Unless you were expecting it, confirm with the sender before opening.
Avoid clicking on links without checking the source of the link and the sender.
Avoid free downloads. Only download software from trusted web sites, or software bought from trusted vendors
Turn on the pop-up blocker on your browser, and set your browser's security level to High. Internet Explorer users can turn on pop-up blocker by selecting "Tools" on the tool-bar, then "Pop-up blocker" and select "Turn on Pop-up Blocker". For more tips on securing your web browser visit US-CERT, Securing Your Web Browser.
Avoid responding to questions in a pop-up window or clicking on pop-up windows links.
Avoid using Peer to Peer (P2P) File Sharing applications. A large number of P2P File Sharing applications contain spyware.
Adhere to the cyber security pledge at the Information Security Office website.

References and Resources

Carnegie Mellon, Information Security Office, Secure Computing
US-CERT; Coordinating Virus and Spyware Defense
Carnegie Mellon, MySecureCyberSpace; Spyware
Carnegie Mellon, Computing Services; Licensed Software List
US-CERT, Securing Your Web Browser