Advertising on the Internet is perhaps more ubiquitous than advertising in traditional media – and for good reason. For many companies out there, it’s either their major or only source of income, and it brings in tons of cash, in many times for something as seemingly simple as running a successful website. (If you’ve ever wondered how Google makes money, it’s time to stop doing so.) There’s nothing inherently wrong with making money off of advertising, as it’s just another way to earn money, the ultimate aim of any company. What’s wrong is the way some less-scrupulous companies go about getting their ads onto your computer.

Malicious ‘Wares

What I’m talking about, of course, is spyware (or adware), a particularly horrid form of malware that seeks to take control of your computer for profit. In essence, spyware is a form a Trojan, which is itself a form of computer virus. If you’ve been using computers for a while, you’ll be familiar with viruses – pieces of malicious software designed to replicate, spread to other systems and in the process, perhaps harm or damage the computers it infects – thus making them less usable to the people who own them. Maybe you’ve even had the opportunity to remove a virus from a computer (of course, not your own, but a friend’s), and then you’ll have realized it’s often no easy task.

Well, spyware acts in a similar manner. It often installs itself unbeknownst to the user (by exploiting security holes in a user’s system), and collects information on their browsing habits to determine when to and what ads to serve up, often in the process slowing down the performance of the system. Spyware or adware also often makes itself hard to remove, and comes packaged with other seemingly benign software, such as some sort of toolbar for your browser. Even after you’ve uninstalled the toolbar the spyware came with, it often still remains, causing pains, headaches and annoyances. What sets it aside from traditional viruses is that this software was not written by some experimenting programmer curious about what could be accomplished; spyware is instead written for specific purpose – to make money off of you, by subjecting you to ads you never agreed to see.

Money Talks

A brief overview of how most websites make money goes something like this.

1. Create a new, innovative, or otherwise attractive website that will attract readers because of its content. (The website doesn’t have to be completely new in idea just as long as it does something well, and captures an untapped demographic)
2. Put ads on your website. (Many companies offer ad programs for websites, a sort of affiliate program)
3. If you get a lot of traffic, you’ll probably make money off of the ads. (Not as simple as this, but simplified for the sake of this article.)

The ability of some websites to make tons of money off this seemingly simple business model was observed many people, some of whom began thinking of unethical ways to make money off this model. Thus spyware/adware was born. The idea is to install some sort of ad-serving software on the user’s computer, usually by bundling it surreptitiously with supposedly “free” software. Thus, the makers bypass the need to create a quality, content-filled website by getting their ads directly onto your computer, without your permission. While you’re busy clicking and closing popups and wondering why your system is running so slow, they’re busy raking in the dough – the people who push spyware often get paid per install by the spyware developers.

The situation gets even more complicated when you discover that certain forms of spyware insert or replace ads on websites you visit! This is bad for several reasons, as not only does it make it difficult to ascertain the source of the ad, but ad revenue to legitimate sites suffers as well.

Spyware pushers

But, it gets worse. Recently, it was discovered that teenagers on MySpace were being used to push ads on unsuspecting users, effectively turning them into unknowing distributers of malware made by Zango/180 solutions. The scam involved creating a series of videos that the dealer promoted to MySpace users, encouraging them to put the videos on their site – many of the videos were the usual type that provide a meaningless five minute diversion – so it’s clear they were catering to the MySpace demographic.

Placing the video on one’s MySpace merely required the copying and pasting of a few lines of seemingly harmless code. However, users viewing the MySpace sites would be prompted to install the Zango adware in order to view the video. While the prompt did explain that ads would be served up, it was all in the fine print, and clicking “Play” on the video amounted to the acceptance of this laughable EULA. After all, no one reads prompts or alerts, especially the type who want to see a MySpace video. All this invariably will leave a lot of people infected with this adware, (many of whom won’t even know it), all while somebody makes quite a bit of money.

While the offending pages were removed, it still doesn’t solve root of the problem. Adware is now not only being served up by knowing partners, but also by people who didn’t even know they were complicit in the spread of damaging software.

Ads, ads, everywhere

So, who’s paying to have their ads put on your computer, without your knowledge? Apparently, a lot of companies. Recently, it was also disclosed that Vonage is heavily into funding spyware – but they by no means are the only big player. It should come as no surprise that many of the big players can easily be seen on traditional media such as print, or television. While sometimes these companies contract out advertising to agencies that pass jobs onto spyware companies without their knowledge, many fully know what they are doing. People need to made aware of this, and more anti-spyware laws need to be passed, if only to discourage this practice.

Prevention is the key… or is it?

Back before spyware and adware were big, people were worried about viruses. However, it was felt that if you had antivirus protection, you would be okay, as long as you kept up to date. Nowadays, there are so many forms of malware from so many different sources, that it’s hard to keep up to date. Many resources tell you to have two more anti-spyware programs installed concurrently, along with antivirus and some sort of firewall. All of this can be very confusing to the beginner or novice computer user.

Many people say the solution is just to use Firefox instead of IE when browsing, to practice “safe surfing habits”, and keep your antivirus/antispyware up to date. They also say that when someone gets infected with spyware or adware, it’s their own fault for not being vigilant. I disagree – if someone broke into your house, would it be your fault that you didn’t board up the windows, reinforce the door, and add an extra-tough master lock into the mix?

The problem lies with the companies who are making this spyware, the people who are pushing it, and finally with the companies who solicit the services of adware to increase their market share. There’s nothing wrong with making money – everyone has to do it, but when you’re making money off hijacking someone else’s hard-earned computer, something is wrong.