Spyware: What is spyware + how to protect yourself


What is spyware and what does it do? Spyware is a type of malware that infiltrates your device and covertly gathers intel about you. Learn more, including spyware removal tips, in this guide.

Spyware is a type of malicious software that is installed on your computer or mobile device without your consent. It can gain access to your sensitive personal information and then relay it to other parties, some malicious.  

Although the term "spyware" may sound like something right out of a secret agent movie, this sneaky software is anything but entertaining. Spyware is actually one of the most common threats on the internet today. It can easily infiltrate your device and, because of its covert nature, it can be hard to detect.  

To this end, consider this your ultimate guide to just what is spyware, what does spyware do, and how to remove spyware, should you become a victim.

What is spyware?

A spyware definition is followed by illustrations and text describing four types of spyware: adware, trojans, internet tracking, and system monitors.

For a spyware definition, spyware is a type of malware that's installed on your device without your knowledge or permission, covertly gathering intel about you. Its surveillance of your sensitive information can do everything from causing pesky advertising and pop-ups to appear on your device all the way to tracking your keystrokes and login credentials. As for the data spyware collects? It might supply that to the spyware author or a third party. 

And while the term "spyware" is generally reserved for software with malicious intent, it's worth noting that not all software that tracks your web activity does so for bad reasons. Some online tracking is used for things like remembering your login information or customizing your website experience.

Types of spyware 

There are four common types of spyware. Their function ranges from tracking your browser activity so marketers can target your interests, for instance, to monitoring your keystrokes and nearly everything you do on your device. Here are some of the unique tactics each type of spyware uses to track you:        

Adware tracks your browser history and downloads with the intent of predicting what products or services you’re interested in. It's used for marketing purposes.·        

Trojans are a type of malware disguised as legitimate software. Just like the Trojan horse from Greek mythology, a trojan tricks you into letting it in (or, more specifically, onto your device), by acting like a software update or file. Then it damages, disrupts, or steals your data.         

Internet tracking is a common practice used to follow your web activities—like browsing history and downloads—mostly for marketing purposes.         

System monitors are a type of spyware that can capture just about everything you do on your computer. System monitors can record all of your keystrokes, emails, chat room dialogs, websites visited, and programs run. System monitors are often disguised as freeware.

What does spyware do?

What does spyware actually do? The better you understand how spyware works, the better you can defend against it. Generally, spyware:

  1. Infiltrates your device: This could happen when you visit a malicious website, unwittingly install a malicious app, or even open a file attachment.
  2. Captures your data: Once the spyware is on your  device, it begins to collect data, which could be anything from your web activity to screen captures or even your keystrokes.
  3. Provides data to a third party: The captured data is then supplied to the spyware creator, where it is either used directly or sold to third parties. 

The data collected through spyware may include things like:        

  • Web browsing history
  • Keyboard strokes
  • Email address
  • Login credentials (usernames and passwords)
  • Credit card details and account PINs

How to recognize spyware 

How do you get spyware? Well, it was once more of a problem for Windows operating systems, but that's no longer strictly the case. Spyware can affect PCs, Macs, and iOS, or Android devices, including mobile phones and tablets. Basically, if your device can connect to the internet, it can be infected with spyware. 

Some common ways your device might become infected with spyware include:        

  • Accepting a prompt or pop-up without reading it first        
  • Downloading software from an unreliable source        
  • Opening email attachments from unknown senders        
  • Pirating media such as movies, music, or games        
  • Clicking a link to a malware-laden website 

Spyware creators may use clever tricks to deceive you. The spyware may be packaged alongside free software made to seem like a useful tool, or in an email attachment that seems legitimate.

Signs of a spyware infection 

Spyware can be difficult to recognize on your device—it’s meant to be deceptive and hard to find. Like a spy, it works covertly, gathering intel about you. Even so, there are clues that can help you identify whether you’ve been infected. You may have a spyware issue if your computer shows these symptoms:        

Your device is slow, crashes unexpectedly, or starts displaying error messages.        

  • Your device is running out of hard drive space.        
  • You're annoyed by frequent and persistent pop-ups.        
  • Your browser redirects you to pages you haven't navigated to.        
  • Your browser no longer points to your usual homepage.        
  • You discover icons for programs you didn't download on your device.·        
  • Your browser displays a new toolbar or plugin you didn't add.

How to protect yourself from spyware

A chart overviews how to prevent spyware infections with a list of three do's and three don'ts.

Spyware creators tend to cast a broad net to gather vast amounts of information from as many people as possible. That's why it's important to take precautions and practice good internet safety

Although anyone who uses the internet can potentially get spyware on their devices, there are ways to prevent spyware infections. Here are a few do’s and don'ts:        

  • Do use reputable antivirus software with spyware protection.        
  • Do use a pop-up blocker or avoid clicking pop-up ads.        
  • Do keep your computer or mobile operating systems updated.        
  • Don't open unsolicited or suspicious email attachments.        
  • Don't open suspicious-looking emails from unknown senders.        
  • Don't click links in text messages from unknown senders. 

Spyware authors have sophisticated ways of tricking internet users into unwittingly downloading spyware. It pays to treat anything unexpected or unknown that appears on your device or in your email inbox as suspect until proven otherwise.

How to remove spyware

Spyware is a common problem for internet users. If you think your device has been infected, there are steps you can take to remedy the problem. 

Removing spyware from your computer 

If you suspect your desktop or laptop computer has been infected with spyware, take these steps to identify the infection and remove it:

  1. Run a scan with your security software: The scan will help to identify and remove malware. 
  2. Download and run a virus removal tool: A reputable virus removal tool scans for threats that traditional antivirus software may not detect.

Once you've cleaned your system, consider adding an ounce of prevention. There are high-quality anti-spyware tools available that will monitor your system continuously to help prevent spyware from accessing or modifying your personal information. 

Removing spyware from your mobile phone 

Mobile devices can become infected with spyware, too. If you've noticed any signs of infection, there are steps you can take to remove the spyware.   

  1. Uninstall apps you don't recognize: Go to your phone's settings, click on "Apps," and uninstall any apps you find suspicious.   
  2. Run an antivirus or malware scan: You may have an app that came packaged with your phone, or you may need to download and install a reputable app from the official app store for your device. 

If uninstalling apps and running a malware scan doesn't fix the problem, consider backing up your data and then factory resetting your phone. 

What to do after spyware removal 

Your work isn't quite finished once the spyware has been removed from your device. There are some steps you should take to protect your personal data from being further exposed.         

  • Change your passwords: Once your system has been cleaned, take steps to secure your personal data by changing your email and other important account passwords.         
  • Alert your financial institutions: If you believe financial credentials such as credit card data may have been exposed, make sure your financial institution is on the lookout for fraudulent activity and keep an eye out yourself.  

Although not all spyware gains access to things like your passwords and credit card information, it can still make sense to safeguard important personal data after an infection.  

With a better understanding of what spyware is and how it functions, you can take steps to keep your devices and your confidential data secure.

FAQs about spyware

Here are answers to a few of the most-asked questions about spyware.

Is spyware a virus?

Spyware and computer viruses are in the same family—they're both malicious types of software. But there are some differences. Spyware is a type of malware that collects your personal information and gathers data about you without your consent. Viruses are a type of malicious software designed to spread from your device to other devices.

Can spyware be detected?

Spyware can be detected by advanced internet security software and anti-malware software. If you've noticed that your computer or device is behaving differently (such as running slowly or displaying unusual or especially intrusive pop-ups), run a scan to identify and remove the threat.

What are examples of spyware?

Some of the most notorious spyware programs that have been identified include:        

  • CoolWebSearch (CWS): This spyware has been around since 2003. It redirects your browser to a new homepage and then continuously creates pop-up ads, often to unsavory sites while changing browser permissions so that unsafe sites are marked "safe."        
  • Olympic Vision: Olympic Vision spreads through email campaigns aimed at employees of specific companies. It logs keystrokes and steals clipboard data and other user credentials.        
  • HawkEye: This keylogger covertly captures things like keystrokes, account credentials, and other high-risk personal information.

Are tracking cookies spyware? 

Tracking cookies can be spyware, but it depends on the type of tracking cookie. Not all tracking cookies are harmful or disruptive. 

First-party cookies aren't necessarily spyware. Reputable websites will ask you to accept their tracking cookies the first time you visit. These cookies help the website to identify you when you visit again and assist with things like login, accessing your user profile, and personalizing your browsing experience while you're using the site.  

Third-party cookies are often a type of spyware. They come from a website or ad server other than the site you're currently surfing, and they often allow advertisers to track your online activities or analytics companies to collect and sell your data. 

The freedom to connect more securely to Wi-Fi anywhere

With Norton™ Secure VPN, check email, interact on social media and pay bills using public Wi-Fi without worrying about cybercriminals stealing your private information

Try Norton Secure VPN for peace of mind when you connect online

Clare Stouffer
  • Clare Stouffer
  • Gen employee
Clare Stouffer, a Gen employee, is a writer and editor for the company’s blogs. She covers various topics in cybersecurity.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.