While you were Burning / vacationing / spacing out offline this Labor Day weekend, many folks online were hit with invitations from a social networking service called Quechup that violates your address book, and abuses user trust by spamming all your contacts.

read more | digg story

Spyware?

Well, yes, of course it is spyware…but the worse kind. It is the kind of spyware we install on our computers and set loose ourselves. This is like feeding a Gremlin after midnight or pouring water on it…our own darn fault. What happens typically is a program, in this case an up and coming social network, is installed and in tiny print in the EULA they say they will be doing something nasty that if asked up front you would not allow. In this case the social network begins spamming all your friends to join the network as Mashable reports.

I did it to myself?

Yes this is what is called social engineering. It is close relative to an “I love you” or “Sadam is Alive” email that tricks users into taking action. The sad part is that we agree to it when we click “I agree” in the EULA or end user license agreement.

What can I do to avoid this spyware?

The best thing anyone can do is…read the license agreement. This is boring and no fun and will take some time, but you will quickly get used to skimming these things and locating any loopholes like saying it will email all your contacts and invite them or it will monitor the site you surf or even worse…your key strokes. This is why in the corporate community it is so important to do two important things:

1. Educate your employees
2. Lockdown the desktops so nothing can be loaded

Be careful and be safe and remember what the famous economist Milton Freeman said, “There is no such thing as a free lunch”. If it is free there is always a catch.

Michael Rowles

Anti-Spyware Advocate