Malware is a catch-all term for any type of malicious software designed to harm or exploit any programmable device, service or network. Cybercriminals typically use it to extract data that they can leverage over victims for financial gain. That data can range from financial data, to healthcare records, to personal emails and passwords—the possibilities of what sort of information can be compromised have become endless.
Why do cybercriminals use malware?
Malware encompasses all types of malicious software, including viruses, and cybercriminals use it for many reasons, such as:
Tricking a victim into providing personal data for identity theft
Stealing consumer credit card data or other financial data
Assuming control of multiple computers to launch denial-of-service attacks against other networks
Infecting computers and using them to mine bitcoin or other cryptocurrencies
How does malware spread?
Since its birth more than 30 years ago, malware has found several methods of attack. They include email attachments, malicious advertisements on popular sites (malvertising), fake software installations, infected USB drives, infected apps, phishing emails and even text messages.
Types of malware?
Unfortunately, there is a lot of malware out there, but understanding the different types of malware is one way to help protect your data and devices:
A virus usually comes as an attachment in an email that holds a virus payload, or the part of the malware that performs the malicious action. Once the victim opens the file, the device is infected.
One of the most profitable, and therefore one of the most popular, types of malware amongst cybercriminals is ransomware. This malware installs itself onto a victim’s machine, encrypts their files, and then turns around and demands a ransom (usually in Bitcoin) to return that data to the user.
Cybercriminals scare us into thinking that our computers or smartphones have become infected to convince victims to purchase a fake application. In a typical scareware scam, you might see an alarming message while browsing the Web that says “Warning: Your computer is infected!” or “You have a virus!” Cybercriminals use these programs and unethical advertising practices to frighten users into purchasing rogue applications.
Worms have the ability to copy themselves from machine to machine, usually by exploiting some sort of security weakness in a software or operating system and don’t require user interaction to function.
Spyware is a program installed on your computer, usually without your explicit knowledge, that captures and transmits personal information or Internet browsing habits and details to its user. Spyware enables its users to monitor all forms of communications on the targeted device. Spyware is often used by law enforcement, government agencies and information security organizations to test and monitor communications in a sensitive environment or in an investigation. But spyware is also available to consumers, allowing purchasers to spy on their spouse, children and employees.
Trojans masquerade as harmless applications, tricking users into downloading and using them. Once up and running, they then can steal personal data, crash a device, spy on activities or even launch an attack.
Adware programs push unwanted advertisements at users and typically display blinking advertisements or pop-up windows when you perform a certain action. Adware programs are often installed in exchange for another service, such as the right to use a program without paying for it.
Fileless malware is a type of malicious software that uses legitimate programs to infect a computer. Fileless malware registry attacks leave no malware files to scan and no malicious processes to detect. It does not rely on files and leaves no footprint, making it challenging to detect and remove.
How do I know I’ve been infected with malware?
The most common signs that your computer has been compromised by malware are:
Slow computer performance
Browser redirects, or when your web browser takes you to sites you did not intend to visit
Infection warnings, frequently accompanied by solicitations to buy something to fix them
Problems shutting down or starting up your computer
Frequent pop-up ads
The more of these common symptoms you see, the higher the likelihood your computer has a malware infection. Browser redirects and large numbers of pop-up warnings claiming you have a virus are the strongest indicators that your computer has been compromised.
How can I protect myself from malware?
Even though there are a lot of types of malware out there, the good news is, there are just as many ways to protect yourself from malware. Check out these top tips:
Protect your devices
Keep your operating system and applications updated. Cybercriminals look for vulnerabilities in old or outdated software, so make sure you install updates as soon as they become available.
Never click on a link in a popup. Simply close the message by clicking on “X” in the upper corner and navigate away from the site that generated it.
Limit the number of apps on your devices. Only install apps you think you need and will use regularly. And if you no longer use an app, uninstall it.
Use a mobile security solution like McAfee® Mobile Security, available for Android and iOS. As malware and adware campaigns continue to infect mobile applications, make sure your mobile devices are prepared for any threat coming their way.
Don’t lend out your phone or leave your devices unattended for any reason, and be sure to check their settings and apps. If your default settings have changed, or a new app has mysteriously appeared, it might be a sign that spyware has been installed.
If you don’t already have comprehensive security protection on all your devices, then try out McAfee® Total Protection, which protects all your PCs, Macs, tablets and smartphones from online threats while safeguarding your data and identity.
Be careful online
Avoid clicking on unknown links. Whether it comes via email, a social networking site or a text message, if a link seems unfamiliar, keep away from it.
Be selective about which sites you visit. Do your best to only use known and trusted sites, as well as using a safe search plug-in like McAfee® WebAdvisor, to avoid any sites that may be malicious without your knowing.
Beware of emails requesting personal information. If an email appears to come from your bank and instructs you to click a link and reset your password or access your account, don’t click it. Go directly to your online banking site and log in there.
Avoid risky websites, such as those offering free screensavers.
Pay attention to downloads and other software purchases
Only purchase security software from a reputable company via their official website or in a retail store.
Stick to official app stores. While spyware can be found on official app stores, they thrive on obscure third-party stores promoting unofficial apps. By downloading apps for jailbroken or rooted devices, you bypass built-in security and essentially place your device’s data into the hands of a stranger.
When looking for your next favorite app, make sure you only download something that checks out. Read app reviews, utilize only official app stores, and if something comes off as remotely fishy, steer clear.
Do not open an email attachment unless you know what it is, even if it came from a friend or someone you know.
Perform regular checks
If you are concerned that your device may be infected, run a scan using the security software you have installed on your device.
Check your bank accounts and credit reports regularly.
With these tips and some reliable security software, you’ll be well on your way to protecting your data and devices from all kinds of malware.