Ten Tips for Avoiding Spyware
Best practices to keep your network's computers pest free

May 12th, 2010, Ned Franklin

If you've spent any amount of time on the Internet, you've probably wasted at least a few hours removing adware or spyware from your computer. Generally speaking, adware creates targeted pop-up ads, while spyware monitors and tracks your online movements. And, once either type of software takes root in a system, loosening its grip can be a time-consuming and frustrating process.

10 Tips for keeping and maintaining a smooth running computer.

1. Keep a firewall running at all times.
The Microsoft firewall is another added layer of defence.  A firewall allows you to control both incoming and outgoing traffic and protects a computer from the Internet's many threats, namely hackers and other intruders who want to break into your network. A firewall can also prevent malicious software from installing itself on your computer or network.

2. Promptly install all Windows updates.
Hackers and other unscrupulous individuals are constantly finding ways to exploit security flaws in Windows. Microsoft closes these holes in its operating systems by frequently releasing patches and prompting users to install them. Ignoring these messages can leave a machine vulnerable to malicious invaders.

3. Use an anti-spyware tool with real-time protection.
Many free and commercial anti-spyware applications offer real-time protection via a module that constantly runs in the background and monitors your computer for unwanted software installations. (Think of it as a system watchdog.) Whenever a piece of adware or spyware attempts to install itself on your machine or alter your browser settings, the anti-spyware application will alert you, provide information about the threat, and allow you to block it.

4. Don't open attachments or click links in emails from strangers.
The adage about taking candy from strangers also applies to opening attachments from those you don't know. Many types of viruses spread via email attachments, and the same is true with spyware. Hopefully, your organization has an anti-spam solution in place, which will drastically reduce the amount of potentially suspicious messages that end up in users' in-boxes. Still, it's important to remind those on your network not to open attachments from strangers or those that end in .EXE, .PIF, or .COM, regardless of who sent it.

5. Only download software from a trusted source.
The thought of free software can be quite seductive, but you might end up paying in other ways. Many developers, such as those who produce file-sharing programs, make their money by bundling adware or spyware with free products. Warn users to be particularly wary of "fun" freebies such as screensavers, emoticons, and games. Before downloading anything from the Internet, it's crucial to scrutinize the Web site's privacy policy (usually located near the bottom of the page), keeping an eye out for questionable or suspicious words and phrases -- such as "banner ads" and "third-party software" -- that might indicate the presence of adware or spyware.

6. Don't visit adult sites.
Adult Web sites are havens for spyware, Trojan horses, and other security threats. Instruct users never to visit these types of sites on your organization's machines.

7. Avoid using file-sharing programs.
Anyone can upload any type of document or program to peer-to-peer file-sharing networks such as LimeWire and Mopheus. As a result, some unsavory types use peer-to-peer networks to hide spyware, viruses, and other harmful programs inside seemingly innocuous files such as MP3s or photos.

8. Don't click pop-up ads.
There's no disputing that pop-up ads are annoying, and it can be tempting to close them by any means possible -- especially when you're hit with a barrage of them. Unfortunately, some sneaky spyware purveyors surreptitiously install unwanted software any time a user clicks a pop-up ad. Spyware vendors have also been known to switch the "Yes" and "No" buttons found in some pop-up ads to trick users who are trying to abort a software installation. Advise your users to close pop-ups by clicking the small X in the ad's upper-right corner. And if you seek an even more foolproof method, train users to shut down all suspicious-looking ads via Windows' Task Manager. (If you're using Windows, simply hit the Control + Alt + Delete keys, click the Task Manager button, go to Applications, and hit the End Task button to shut down any unsavory programs.)

9. Always read end-user license agreements.
Before users install a piece of software, they will likely see an end-user license agreement (EULA) that details the terms and conditions of using the program. Generally speaking, EULAs are long and contain a lot of legal wording, causing many people to skip them. However, EULAs often disclose the presence of bundled adware or spyware, though the developer does not usually make this information prominent. Some software vendors will even give the user the option to decline bundled spyware by unchecking a box. You might also find it worthwhile to install Javacool Software's EULAlyzer, which analyzes user-license agreements and flags suspicious words and phrases.

10. Surf with a fox.
Because it uses ActiveX controls -- a Microsoft technology that allows a Web browser to access other programs -- Internet Explorer is particularly susceptible to spyware-based hijacks. And once spyware has invaded Internet Explorer, it can be very difficult to repair the browser without reinstalling the entire operating system.
Since Mozilla's open-source browser Firefox doesn't offer ActiveX controls by default (though plug-ins are available), it's considered a more secure Web-surfing choice. As the browser becomes more popular, industry experts believe it could be subject to more attacks. Experts also believe that that Firefox's built-in pop-up blocker is more effective than Internet Explorer's, which will help reduce the amount of potentially troublesome ads that your users see.
Spyware and adware can be a nuisance, but you and your organization's computers don't have to suffer needlessly. If you equip your organization's machines with the right software and train your users to practice smart Web surfing, you have an excellent chance of keeping spyware, adware, and other privacy-compromising software off of your network. Moreover, you'll save time and resources that you can spend on something more useful -- like saving the world.