Skip to Main Content Skip to bottom Skip to Chat, Email, Text

What is spyware?

Person's arm and hand in image, holding smart phone with code in the background

This article has been vetted by University of Phoenix's editorial advisory committee. 
Read more about our editorial process.

Kathryn Uhles, MIS, MSP, Dean, College of Business and IT

At a glance

This article was updated on 12/1/2023.


One of several types of malicious code, spyware is a program that allows a hacker to secretly obtain information about a device’s user. Hackers use spyware to illegally obtain data like passwords, payment information or login credentials.

Once activated, spyware can cause damage to your device beyond identity theft. In some cases, spyware causes network disruptions or even damages your hardware.

The faster you identify spyware on your device, the faster you can remove it and prevent it from compromising your hardware and data.

Learn how to stop cyber threats with a Cybersecurity degree. 


Common examples of spyware

There are four main types of spyware:

  1. Adware
  2. Tracking cookies
  3. Trojan spyware
  4. System monitors

Each type can create major problems for your network security. These problems might start small — your device may experience slower load times or programs may crash or freeze. As it begins to take greater hold of your device, these problems will likely worsen.

Learning to recognize each type is one of the best ways to prevent malicious code from attacking your device. Diagnosing spyware can help remove malware infections and minimize damage.


Adware is a malicious advertising program that automatically displays advertisements to users. Different types of adware work in different ways. For example, some adware only appears when you’re using a specific internet browser. In other cases, it might display ads as soon as you turn on your device.

Your device can download adware after opening a malicious message or visiting an unsecured website. The adware begins to show ads, making revenue for the advertiser or the hacker. These ads are shown without the user’s consent and often require a security process to be deactivated.

Tracking cookies

Tracking cookies are specialized cookie files that can be shared across devices or networks. The files are often used for legitimate marketing purposes or by your device to remember trusted websites.

In some cases, however, these files are used maliciously to track your browsing behavior without your consent. This occurs when files override your cookie or browser preferences and deliver your information to third parties without your knowledge or consent.

Many tracking cookies are small text files, which are more difficult for users to identify when looking for malware on their devices. These files cannot contain viruses, but hackers can use them to track your internet activity. Hackers then use your information to access personal files or data.

Trojan spyware

Trojan spyware, commonly known as a Trojan horse, is spyware that appears to be harmless. Once activated, it unleashes a payload — a set of malicious codes — that can compromise your device or your data in several ways.

Trojan spyware attempts to deceive a device user by looking like a reputable download that, once downloaded, clicked on and executed, releases the payload. It will often begin sifting through your personal information. This can include stored passwords, credit card data, images, text files and other items that could contain sensitive data.

Using your internet connection, it then delivers that information to a hacker. Hackers can also use Trojan horse spyware to download additional harmful programs to your device.

System monitors

System monitors are another type of spyware. These programs track your actions while you use a device. Some system monitoring programs track keystrokes, while others might monitor your email, browsing history or a list of the programs you use.

System monitoring programs are often disguised as freeware — software that is available for download online at no cost. The downloaded program soon begins to monitor a user’s activity and delivers results to hackers.

read similar articles

Laptop showing a malware alert message

Types of malware and how to prevent it

Spyware removal

After you’ve identified spyware on your device, it’s time to remove it. Removing spyware can take time, but it’s an important step in securing your device and the data stored on your hard drive.

Here are some of the major steps to remove spyware:

  • Update your system’s software — Check your device’s security software to make sure you’re running the latest version.
  • Enable two-factor authentication — Provide two different methods of personal authentication to verify your identity.
  • Install an anti-spyware program — Download and run a trusted anti-spyware program to diagnose and remove any spyware.
  • Remove suspicious files — Examine files and remove any unfamiliar or suspicious programs, icons or documents.
  • Run manual scans — Regularly scan your device to manually check for different types of spyware.

After these steps, it’s important to check the status of your device. Perform a manual scan of your device using a trusted security program to ensure you’ve removed all traces of the spyware from your phone, tablet, computer or any other devices you use.

How to prevent spyware

Spyware represents a serious concern for many device users. Fortunately, people can reduce the risk of spyware infection and improve their overall network security. For example, don’t click on a link in an email unless you know who sent it and you trust the link, and always check the email address of the sender (not just the name that may show up). These strategies can’t eliminate the risk of spyware, but they can help protect your devices and your internet connection from spyware that might be waiting.

Practice caution when consenting to cookies

Cookies are pieces of data stored on your web browser to identify your device whenever you visit a new website. While cookies sometimes make browsing more convenient, they can create vulnerability for spyware infection.

Whenever you visit a new website, it’s important to practice caution when consenting to cookies. Review the website’s cookies policy, which will outline the custom experience options available to users.

Update software diligently

Updating your device’s software can help further protect against spyware. For example, security updates for Android and iOS contain upgrades that help defend your device from malicious code. The updates often contain security patches — solutions for infections that might affect previous operating systems.

Installing software updates rather than putting them off reduces risk of spyware. Delaying gives hackers more time to find and exploit vulnerabilities in your device’s programming.

Install an anti-tracking browser extension

Installing an anti-tracking extension in your browser can also help keep your device safe. These programs can protect data by blocking tracking programs. Anti-tracking browser extensions can also disable features that automatically deliver your data to third parties.

Even a simple anti-tracking browser extension can help prevent spyware from reaching your device. The extension helps minimize cookie activity as you browse the internet, reducing the chance that a system-monitoring program can acquire and deliver your information to a hacker or even to an advertiser.

How to learn more about spyware and cybersecurity

Evolving spyware is a growing concern in the cybersecurity world, and the future of cybersecurity will need trained professionals to address these issues.

Aspiring spyware professionals first need to learn more about cybersecurity and its various fields. For example, many learners pursue an online technology degree in cybersecurity, software development, cloud computing or a related field. These degree programs help candidates build on-the-job skills and gain valuable experience in the tech industry.

For senior roles, some cybersecurity professionals will also need a more advanced degree. After completing an undergraduate degree, for example, you might also need a Master of Science in Cybersecurity. This program helps you further develop skills in security policies, system vulnerabilities, software development and other fields.

Cybersecurity and IT education at University of Phoenix

Whether you’re seeking to gain a basic understanding of cybersecurity and other IT skills, or you’re a working professional looking to expand your knowledge, University of Phoenix offers online course collections, certificates and degrees.

  • CYB/110 Foundations of Security course — The great thing about this single course is that it aligns to a Certified Secure Computer User (CSCU) exam with EC-Council. Anyone who passes this class is eligible for a free exam voucher for the CSCU industry certification exam. Passing the exam increases your reputation as an ethical and responsible IT professional.
  • Certified Ethical Hacker Course Collection — This course collection can help you prepare to sit for the EC-Council Certified Ethical Hacker (CEH) exam. Topics include the phases of ethical hacking, recognizing weaknesses and vulnerabilities of a system, social engineering, IoT threats, risk mitigation and more.
  • Computer Hacking Forensics Investigator Course Collection — This course collection can help prepare you to sit for the EC-Council Computer Hacking Forensics Investigator (CHFI) certification exam. You’ll learn about the latest technologies, tools and methodologies in digital forensics, including dark web, IoT, malware, cloud and data forensics.
  • Cybersecurity Digital Forensics Certificate — Ideal for students with a cybersecurity background, this certificate program covers methods for planning, implementing and monitoring security measures.
  • Associate of Science in Cybersecurity — The International Council of E-Commerce Consultants (EC-Council) and University of Phoenix teamed up to launch the Associate of Science in Cybersecurity degree and elective courses that align with three EC-Council certification exams: Certified Ethical Hacker (CEH), Certified Network Defender (CND) and Certified Secure Computer User (CSCU).
  • Bachelor of Science in Cybersecurity — This online program teaches skills such as security policies, network security, cybersecurity and more. This degree is also aligned to certifications such as CEH, CND and CSCU.
  • Bachelor of Science in Information Technology — Learn skills pertaining to information systems, system analysis, operations and cybersecurity.


Michael Feder is a content marketing specialist at University of Phoenix, where he researches and writes on a variety of topics, ranging from healthcare to IT. He is a graduate of the Johns Hopkins University Writing Seminars program and a New Jersey native!


want to read more like this?

Advantages of Receiving a Cloud Computing Certificate

Online Degrees

May 11, 2023 • 7 minutes

What Is Cryptojacking?

Online Degrees

November 23, 2022 • 5 minutes

What is Information Technology? A Beginner's Guide

Online Degrees

January 12, 2022 • 14 Minutes