Some security experts are even saying that companies could reduce the amount of spyware and adware on their networks by more than 50 percent if employees would stop visiting porn and gambling sites and employers would start using URL filtering software and set stricter policies outlining the use of company computers.
''I think a lot of companies are blissfully unaware of what their employees do on their networks,'' Ken van Wyk, principal consultant for KRvW Associates, said. ''I think the potential for spyware to do really bad things is certainly out there. The potential for danger is pretty daunting. I certainly wouldn't want any of that sitting on my network.''
One reason for this type of network abuse, experts say, is that many employees feel more comfortable surfing for porn while at work, rather than do it at home in closer proximity to family members. Employees also tend to think they can get away with using company time for their own viewing pleasure, but what they don’t realize is that with each download comes the huge potential for illegal and legally installed spyware.
“They wouldn't do it at home because they're afraid of what [malware] they might get,” said Ken Dunham, a senior engineer for VeriSign iDefense Intelligence. “But they'll surf at work because it's not their system, and they don't think they have to worry about it... It's like owning a house or renting a house.''
In many cases, surfers visiting porn sites are asked to download an executable file before viewing content and often times that file comes with an attachment containing spyware.
“You think you're just getting this pornography package but there might be a bunch of things being installed with it and you have no idea,” Dunham said.
The first quarter of 2004 was the worst period on record for massive and large outbreaks of malware, adware and spyware, according to Enrique De Argaez, webmaster of the Internet World Stats website.
Many malware programs often change browser settings, alter system files and create new default web pages, and infected systems are plagued with new tool bars and a constant barrage of popup ads. Malware will also collect personal information from users' systems regarding their web activities, which is sold to advertising and data research companies. Several malware programs even regularly update their own program codes on infected computers.
The big danger for corporate infestations of malware and spyware is that many forms of spyware can track user activity, identify files and their locations and capture passwords. Sensitive personal and corporate data can then be automatically uploaded to servers controlled by spammers, mass marketers and hackers.
