Spyware and adware are advertisement-focused applications that, much like computer viruses, install themselves on systems with little or no user interaction. While such an application may be legal, it is usually installed without the user’s knowledge or informed consent. A user in an organization could download and install a useful “free” application from the Internet and in doing so, unwittingly install a spyware component. The term ’spyware’ is commonly used to describe both spyware and adware applications and will be used here to that extent for convenience.
Adware is a program that employs a targeted marketing technique. It usually monitors the user’s activity on the net and displays advertisements based on this information. Adware applications connect to remote servers to download new ads and check for software updates for themselves. Users’ details and online behavior are not shared or transmitted to these servers. Adware is similar to spyware in many aspects but is generally considered more “ethical”.
Like adware, spyware applications monitor the user’s Internet activity, commonly accessed sites, surfing habits and keywords used in search engines. The main difference between the two is that spyware relays this information to an external entity. This entity will then display pop-up advertisements or redirect the user’s search to display advertisements related to the search term used. Some spyware will even go as far as hijacking the infected system’s default browser. This type of spyware, can shape the user’s Internet surfing experience as their vendors please. On specific variant of this method referred to as “Thiefware”, adds context sensitive hyperlinks to the textual content of 
visited web sites.
Information collected by spyware and sent to remote servers could be anything, from previously monitored activities to the user’s personal information, or any confidential information, files and documents stored on the infected system.
With increased proliferation, spyware has become one of the main security concerns of many organizations. Some organizations even consider spyware to be the single greatest security threat.
Today we can say that most spyware is considered as commercial malicious code, which is openly developed, marketed and distributed without interruption and operates, at best, in gray legal areas.
