Malware (short for malicious software) is an umbrella term for a range of online threats, including viruses, ransomware, spyware, and other types of harmful software. The harm caused by malware includes:
- causing a device to become locked or unusable,
- stealing, deleting, or encrypting data,
- taking control of your devices to attack other organisations,
- obtaining credentials that allow access to your organisation’s systems or services that you use,
- ‘mining’ cryptocurrency, or
- using services that may cost you money (e.g., premium rate phone calls).
The most common way cybercriminals distribute malware is via a link or attachment in spam or phishing emails and messages. Malware can also spread through malicious websites and pop-up advertisements that attempt to install malware when you click it. Malware like computer viruses can disseminate through shared USB sticks and Wi-Fi networks. It can even masquerade as a good application like an anti-virus or security product that you download and install yourself!
Malware can take many forms. The common malware includes:
- Viruses
A computer virus is a type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another. As they spread, they can steal personal information, cripple computer performance, corrupt files, spam your email contacts, and even take over your machine. - Ransomware
Ransomware is a common and dangerous type of malware. It works by locking up or encrypting your files so you can no longer access them. The attacker then demands a ransom from the victim to restore access to the data upon payment. - Spyware
Spyware is malicious software designed to gather data about you by secretly monitoring your online activities and forwarding it to a third party without your consent. - Trojan Malware
A Trojan Malware or Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program. Cybercriminals use social engineering to hide malicious code within legitimate software to try and gain users’ system access to their software. - Adware
Adware or advertising-supported malware is unwanted software designed to throw advertisements up on your screen, most often within a web browser. Although it seems like the type of malware that can easily be identified, many people still fall victim to this type of cyber-attack.
Cyberattacks can strike at any time and to anyone. Knowing what to look out for is the first step to avoiding it. Practice these digital best practices to increase your security:
- Keep your computer system and apps up to date
System updates usually carry the most recent security patches to protect your device from the latest-known attack. Don’t miss any updates, and don’t forget to restart your device afterwards. It’s also good to replace your hardware every five years or so, as older hardware may not be compatible with the latest system update. - Take time to double-check before taking action on an email
It takes a few seconds to make sure an email is legitimate. You can hover over the sender’s name, any hyperlinks, or buttons, to see the email address or URL linked to it. - Invest in antivirus and endpoint protection software
Antivirus and endpoint protection can help detect, prevent, and eliminate malware on devices. It will also help to turn on pop-up blockers on your browser. - Protect your online account
Using Multi-Factor Authentication (MFA) and a strong password adds more layers of security to your online accounts. You can also use a password manager, so you don’t have to remember all your passwords!