July 6, 2005

Spyware

The Internet’s Multitude of Sins

Most people are confident and say they grasp the major online security concepts, but there are gaps, especially for newcomers to the internet.

Despite the computer woes they might have experienced, 61% of internet users are confident that they can keep things like computer viruses, spyware, and adware off of their home computer when they want to. Thirty-three percent of internet users say they are not confident that they can do so. Those who are confident are less likely to have experienced computer slowdowns, unexpected home page changes, or uninvited icons on their desktop in the past year. Sixty-three percent of confident internet users report at least one problem, compared to 79% of not-confident internet users.

Most internet users claim to have a grasp of some major concepts:

  • 88% of internet users say they have a good idea what “spam” means.18
  • 78% of internet users say they have a good idea what “firewall” means.19
  • 78% of internet users say they have a good idea what “spyware” means.
  • 68% of internet users say they have a good idea what “internet cookies” means (by comparison, 43% of internet users said they knew what an “internet cookie” was in 2000).20

But fewer say they understand some of the newer or more obscure terms:

  • 52% of internet users say they have a good idea what “adware” means.
  • 29% of internet users say they have a good idea what “phishing” means (described as “internet phishing, spelled with a P-H at the beginning”). Fully 15% of internet users volunteered that they had never heard the term before.21

Years online and broadband connections correlate with an overall understanding of the risks – and a sense of control over them.

Not surprisingly, internet users with six or more years of online experience are significantly more likely to express confidence and to say they know what key security terms mean.

Experienced Users More Likely to Say They Understand Key Terms

Broadband users are significantly more likely than dial-up users to say they understand key security terms. But many broadband users do not know the full meaning of these terms and that is doubly important because broadband users are more vulnerable to software intrusions than dial-up users.

Broadband Users More Likely to Say They Understand Key Terms

Internet users who say they know what “spyware” and “adware” mean are also more likely to read user agreements before downloading programs from the internet. Twenty-seven percent of “spyware-savvy” users say they always read such agreements, compared to 17% of those who do not know the term. Twenty-eight percent of “adware-savvy” users say they always read such agreements, compared to 22% of those who do not know the term.

Although many users have an imprecise understanding of internet threats, most retain strong attitudes about them.

Half of internet users (49%) say that software programs like spyware are a serious threat to their online security. An additional 28% of internet users say they are a minor problem and that more should be done to control them. Sixteen percent of internet users agree with the statement, “They are just part of life on the internet and don’t really bother me.”

Attitudes toward spyware

Many internet users are deeply bothered by the possibility that a program they download could slow down their computer or generate pop-up ads. Even the widely-used practice of tracking online behavior using tools such as “cookies” was rejected by most internet users.

Spam zombies

Spam – unsolicited bulk email – is despised by most internet users22 and most people would shudder at the thought of becoming a “spam zombie,” which means that their computer has been covertly taken over and turned into a terminal to send out bulk emails.23 Therefore it is not surprising that 89% of internet users say it would be a serious problem if a program they installed or a Web site they visited sent out unauthorized email messages from their email account. Seven percent of internet users say that would be a minor annoyance and 3% say it wouldn’t really bother them at all.

System slow-downs

Eighty percent of internet users say it would be a serious problem if a program they installed or a Web site they visited caused their computer to slow down or freeze up. Seventeen percent of internet users say that would a minor annoyance and 2% say it wouldn’t really bother them at all.

Big Brother is watching

Seventy-eight percent of internet users say it would be a serious problem if a program they installed or a Web site they visited transmitted information about their internet habits back to a central source. Fifteen percent of internet users say that would a minor annoyance and 6% say it wouldn’t really bother them at all.

Home page hijack

Sixty-five percent of internet users say it would be a serious problem if a program they installed or a Web site they visited reset their internet home page. Twenty-six percent of internet users say that would a minor annoyance and 6% say it wouldn’t really bother them at all.

Pop-up ads

Fifty-nine percent of internet users say it would be a serious problem if a program they installed or a Web site they visited caused pop-up ads to appear on their computer screen. Thirty-five percent of internet users say that would a minor annoyance and 4% say it wouldn’t really bother them at all.

Cookies

Fifty-seven percent of internet users say it would be a serious problem if a program they installed or a Web site they visited collected information about their internet habits but did not transmit that information to any outside source. Twenty-eight percent of internet users say that would a minor annoyance and 13% say it wouldn’t really bother them at all.

This question essentially described the near-universal use of “cookies” or bits of encrypted information deposited on a computer’s hard drive after the computer has accessed a particular Web site. The results underscore the gap between consumers’ perceptions and the reality of how the Web works.

There is additional evidence that the threat of spyware is having a chilling effect on daily online life. Recent reports by WebTrends and JupiterResearch find that more internet users are now rejecting cookies from Web sites than in 2004, with as many as 28% of internet users saying they selectively reject these widely used tracking devices which enable some of the Web’s most attractive features, such as customization.24 Forrester Research has reported that many users are regularly removing cookies from their computers in an attempt to foil spyware but are in fact preventing legitimate online vendors from plying their trade as well.25

  1. Spam is unsolicited bulk email. See http://en.wikipedia.org/wiki/Spam_(electronic)
  2. A firewall is a piece of software or hardware that protects a network from unauthorized entry. See http://en.wikipedia.org/wiki/Firewall_(networking)
  3. Cookies are bits of encrypted information deposited on a computer’s hard drive after the computer has accessed a particular Web site. See “Trust and Privacy Online” (Pew Internet & American Life Project: August 20, 2000). Available at: http://www.pewinternet.org/PPF/r/19/report_display.asp.
  4. Phishing is unsolicited email requesting personal financial information. See: http://en.wikipedia.org/wiki/Phishing
  5. See “Spam and Phishing” (Pew Internet & American Life Project: April 10, 2005). Available at: http://www.pewinternet.org/PPF/r/155/report_display.asp.
  6. See the Federal Trade Commission’s “Operation Spam Zombies” page at: http://www.ftc.gov/bcp/conline/edcams/spam/zombie/index.htm.
  7. See “Cookie Rejection Cited as Next Major Advertiser Problem” (ClickZ Stats: May 23, 2005). Available at: http://www.clickz.com/stats/sectors/advertising/article.php/3507186.
  8. See “Web Users Toss Their Cookies” (Forrester Research: December 9, 2004). Available at: http://www.forrester.com/Research/Document/Excerpt/0,7211,35957,00.html