The term spyware is a catchall term for several types of applications that collect user data on host PCs for both commercial and malicious purposes. These application threats generally fall into 3 categories: spyware, adware, and other. Threats are categorized based upon the behaviors that are exhibited by the applications, assertions made by the publisher and the distribution of the software. Note that threats may fall into one or more sub-categories.
Spyware:
Spyware (General)
Any program that sends information about a user, the user's behavior, the computer system, or the computer system's use without explicitly requesting permission from the user to do so at least once every time the program is executed.Trojan Horse
Any program which allows a remote person or computer to access any resources or information of a computer system including access to the computer's network connection without explicitly prompting the local user for permission for each instance of access.Keystroke Loggers
Any program which records the keyboard usage of a computer system without explicitly requesting permission from the local user each time the program is executed.Browser Plugins
Any type of program or code which has unwanted software characteristics but only executes when a web browser program is run.3rd Party Cookies
Any web browser cookie which is used for the purpose of tracking the web page access activities of the user that is not sent from the web site that the user directed their web browser to initially.
Adware:
General Adware
Any program that runs on a computer system whose sole purpose is to present advertising to the users without any additional benefit to the computer system user.Any program which presents advertising that the user is not clearly notified about when the program begins execution.
Browser Plugins
Any program that executes when an Internet web browser is used which also meets the criteria for General Adware.
Other:
Worms
Any program or code which attempts to self-propagate to other computer systems or propagate with the assistance of users, while misrepresenting its purpose or behavior and offering no benefit to the system owner or user.Hacker Tools
Any computer program or code whose primary purpose is to determine the presence of or circumvent computer system security controls.Dialers
Any program which causes a computer system modem or telephone system to dial out without expressly prompting the user on each instance and accurately reflecting the financial impact to the user for allowing the call.Screen Loggers
Other
Any program which captures information, text, or other content that is displayed on the screen without conspicuously notifying the user each time.
Any software or program which exhibits the traits or behaviors associated with potentially unwanted software which does not fit into one of the above categories.
The definition of spyware is evolving as threats emerge and threat analysis becomes more complete. With the emergence of spyware as both a consumer and enterprise problem, the US Government has taken notice of the topic and is developing legislation to cover the proper (or improper) use of spyware. For further information, see US H.R. 2929 "Securely Protect Yourself Against Cyber Trespass Act'' aka "SPY ACT".