It’s big enough that the U.S. House of Representatives voted unanimously to stiffen jail sentences for those who use secret surveillance programs to steal credit card numbers or commit other crimes.
Under the bill, known as the Internet Spyware (I-SPY) Prevention Act of 2004, those found guilty of using spyware to commit other crimes would face up to five years in prison on top of their original sentences. Those who use spyware to steal personal information with the intent of misusing it, or use spyware to compromise a computer's defenses, could face up to two years behind bars.
The bill would also apply to those who perpetrate so-called “phishing” attacks -- official-looking email messages that aim to trick people into disclosing their bank-account numbers or other personal information.
In addition, the I-SPY bill allocates $10 million to the Department of Justice to combat spyware and phishing scams.
Two days before the I-SPY vote, House lawmakers approved a separate bill that establishes multimillion-dollar fines for spyware perpetrators. (Some observers predict that the two bills will be combined with a spyware bill that is currently working its way through the Senate.)
A pervasive problem
Antivirus products allow users to protect themselves from a variety of potential software and Internet threats. These include malicious code such as viruses and Trojans, as well as expanded threats, which include spyware, adware, and dialers. While definitions of spyware vary, it’s generally agreed that these programs have the ability to scan systems or monitor activity and relay information to other computers or locations in cyberspace. Among the information that may be actively or passively gathered and disseminated by spyware: passwords, log-in details, account numbers, personal information, individual files or other personal documents. Spyware may also gather and distribute information related to the user’s computer, applications running on the computer, Internet browser usage, or other computing habits.
Many popular file-sharing programs come bundled with spyware. In fact, spyware is embedded in hundreds of programs -- including games, utilities, and media players – that can be downloaded for free from the Internet. Spyware is also how many file-sharing vendors make money while not charging for their products. With these programs, it has been said, you pay with your privacy instead of with money.
For that reason, the Federal Trade Commission has repeatedly warned consumers as well as businesses about the trade-offs involved in shareware. In an alert issued last year, the FTC was unambiguous: “Before you use any file-sharing program, you may want to buy software that can prevent the downloading of spyware or help detect it on your hard drive.”
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.