What Is Spyware?
Spyware is software or a software configuration that gathers information about a person or organization without permission or knowledge. Spyware does this often by just peeking, but other times, it spies by changing the configuration of the victim’s computer.

I admit that the preceding is a highly general definition (open to as much interpretation and subjectivity as the definition of spam). However, spyware takes many forms, and if the definition was any more precise, I might accidentally exclude some new scheme that most people would consider spyware. In the following sections, I elaborate on this definition a bit so that you can see what the most common forms of spyware are all about.

An information collector
Spyware can collect information from a user’s computer and periodically transmit it to a specific location — usually a server someplace. The method used to collect information may be a built-in feature of the Web browser, a downloaded ActiveX control, a Web browser plug-in, or a standalone executable program.

The type of information collected by spyware may include the following:

Tracking Web sites: You may have heard the term adware, which many consider as a subset of spyware. Marketing companies and banner ad providers (many of which are totally legitimate companies) use adware solely to track which Web sites a user visits and whether the user patronizes banner ads. Such information is generally used by marketing companies, which are always trying to separate folks from their money. Some spyware may do more than just track Web site visits, however.

Logging keystrokes: Among the diabolical types of spyware are key loggers, vile beasts that actually record every keystroke on a user’s computer and transmit them to a hacker’s lair. Users who perform online banking and other electronic commerce on computers with key loggers are bound to have their highly sensitive user IDs, passwords, credit cards, and bank account numbers recorded and sent to unsavory individuals.