How Spyware Gets Onto Your Computer or Phone

Hooded figure behind a computer.

Patrick Foto / Getty Images

Spyware is a generic term referring to hidden software packages that monitor computer users' activity and send usage data to external Web sites. Spyware can significantly interfere with the operation of devices due to the network bandwidth and other resources they consume.

Examples of Spyware

A keylogger monitors and records key presses on a computer keyboard. Some businesses and government organizations may use keyloggers to legally track the activity of employees using sensitive equipment, but keyloggers can be also be deployed to unsuspecting individuals remotely via the Internet.

Other monitoring programs track the data entered into Web browser forms, particularly passwords, credit card numbers, and other personal data, and transmit that data to third parties.

The term adware is commonly applied to common Internet systems that monitor a person's browsing and shopping habits for the purpose of serving targeted advertising content. Adware is technically considered a separate kind of malware and generally less intrusive than spyware, but some still consider it undesirable nonetheless.

Spyware software can download onto a computer in two ways: via installing bundled applications, or by triggering an online action.

Installing Spyware via Web Downloads

Some types of spyware software are embedded inside the install packages of Internet software downloads. Spyware applications may be disguised as useful programs themselves, or they may accompany other applications as part of an integrated (bundled) installation package.

Spyware software can also be installed on a computer through the download of:

  • Third-party Web browser toolbars or add-ins.
  • Utility programs like video players or advertising blockers.
  • Packages promoted be "anti-spyware" or antivirus systems that in fact contain spyware software, sometimes called scareware.
  • Other "freeware" applications.

Each of these types of Internet downloads can result in one or sometimes multiple spyware applications also being downloaded. Installing the primary application automatically installs the spyware applications, usually without the user's knowledge. Conversely, uninstalling an application will generally not uninstall the spyware software.

To avoid receiving this type of spyware, carefully research the contents of online software downloads before installing them and always make sure you download software from their official website, rather than third-party websites.

Triggering Spyware via Online Actions or Pop-Ups

Other forms of spyware can be activated simply by visiting certain Web pages with malicious content. These pages contain script code that automatically triggers a spyware download to start as soon as the page is opened. Depending on the browser's version, security settings, and security patches applied, the user may or may not detect the prompt is spyware related.

To avoid triggering spyware while browsing the Web:

  • Keep the device's operating system and Web browser software up to date.
  • Read any browser pop-up messages carefully--exit the install--do not click "accept" or "OK" if any unfamiliar prompts appear on the screen.
  • If the pop-ups freeze your browser, force quit your app and restart your computer.
Was this page helpful?