What is Malware?
Malicious software, more commonly known as malware, is exactly what its name implies – a form of malicious software that infects devices through various techniques, such as victims clicking on phishing emails or downloading dangerous files like games, movies or software.
How does malware work?
First, let’s examine how malware gets on your computer in the first place. Cybercriminals trick victims into downloading malware by enticing them to click on malicious links or download malicious files. These files are designed to look innocent and could be anything from a PDF file to a game or pirated software. Once you’ve downloaded the file to your computer, the malware installs itself silently in the background.
Once malware is installed, it can do any number of things, including:
- Log your keystrokes, take screenshots of your activity or even compromise your computer’s camera and microphone. It then transmits all of this data to a cybercriminal.
- Take advantage of any vulnerabilities on your computer, such as unpatched operating systems or software.
- Install ransomware on your machine, then seek to infect other machines on your network.
Types of malware
Ransomware
Ransomware is a well-known type of malware that targets businesses and individuals. When ransomware infects a user’s device, it encrypts certain directories and files, or even the entire computer, effectively locking the victim out of their system. A pop-up appears, demanding the victim pay a ransom, usually in bitcoin or another cryptocurrency, in exchange for a decryption key to regain access to their computer or files.
Unfortunately, paying the ransom does not guarantee the cybercriminal will send a working decryption key. Additionally, cybercriminals may also commit double extortion by demanding a second ransom not to leak the stolen data. Even if a decryption key works, ransoms can be very high and have significant impacts on individuals and organisational budgets. According to Keeper's 2021 Ransomware Impact Report, 93% of organisations that paid ransoms were forced to tighten budgets in other areas afterward.
Trojan horses
Trojan horses are another common malware type. This type of malware is hidden inside an innocent-looking file delivered through an email attachment or downloaded from a website. Once the malware is downloaded, the malicious code does whatever the cybercriminal engineered it to do. This can range from accessing corporate systems to stealing credentials and other sensitive data.
Spyware
Spyware is a type of malware that also does what its name implies – it spies on the victim. Spyware can do anything from logging your keystrokes to accessing your camera and microphone. All of the information it captures is sent directly to the cybercriminal who deployed it.
Keylogging spyware is commonly used to steal login credentials because it records everything you type, including when you type out passwords to log in to accounts. If you reuse passwords, capturing just one password enables the cybercriminal to get into multiple other accounts as well.
Common causes of malware
Your device can be infected with malware in a variety of ways. Here are a few of the most common.
Spoofed websites
Spoofed websites are sites designed to look like legitimate ones. Say you meant to go to your bank’s website, but you somehow ended up on one that looks just like it. It can be hard to tell that the site is phony unless you examine the URL, also known as the website address, very closely.
Spoofed sites are becoming increasingly common. Our 2021 Ransomware Impact Report reveals that malicious websites accounted for 23% of ransomware attacks.
Phishing emails and messages
Phishing emails and message are also a common vector for malware. Phishing is a social engineering attack that aims to get the victim to reveal sensitive information. This is done by conveying an urgent message to get the victim to take immediate action.
Phishing emails and messages often contain malicious links and attachments or lead you to sites that will silently infect your device with malware as soon as you visit, which is known as “drive-by malware.”
Downloading free stuff on the internet
We all love free things, but downloading free movies, TV shows, games and apps poses a major risk to your data, credentials and overall online security. When you download files from unreliable sources, those files can contain malware.
How to detect malware
If your device has been infected with malware, it’s crucial to detect the infection and get rid of it as soon as possible. The longer you wait, the more the malware spreads. In addition to damaging your machine, this can lead to infections on other devices connected to the same WiFi network. Here are a few warning signs to look out for.
Slow computer
When malware infects your computer, you may notice your computer suddenly slowing down. Webpages will start to take longer to load and it may appear that your computer is lagging.
Excessive pop-ups
Malware can also cause your computer to start showing more pop-ups than usual. If you notice more pop-ups on your screen, your device may have been infected with malware.
Overheating
Since malware causes your computer to slow down because of overexertion, it can also lead to your computer overheating. While other activities, such as graphics-intensive games, can also cause your computer to overheat, overheating can be a tell-tale sign your computer has been infected with malware – especially if you recently downloaded a file or clicked on an unsolicited link.
Once you’ve detected the malware on your device, you can take the following steps to get rid of it.
How to get rid of malware
The best way to get rid of malware is to install antivirus software. Antivirus software prevents, detects and removes malware. When malware infects a computer, it usually installs multiple files, and the antivirus software will seek out and remove all of them.
If your antivirus software doesn't fully remove the infection, don't just start trying to find and delete files on your own! Consult a professional. If the malware is on your work machine, contact your IT help desk immediately.
How to prevent malware
Antivirus software isn't the only measure you can take to prevent malware. Here are a few preventative measures that you can implement right away.
Learn how to detect phishing emails and messages
Learning how to spot phishing emails and messages is an important step to preventing malware, as phishing is one of the most common ways that malware gets onto machines. Never click on links or download attachments sent via email or messaging platforms unless you know the sender and were expecting them to send you the file or link.
Keep your operating system and software up to date
Many types of malware take advantage of unpatched operating systems and software, so be sure to keep your computer and all of your apps updated. Install manufacturer updates as soon as possible after receiving notice of them, as they frequently contain important security patches.
Stay educated on cybersecurity
One of the most important things you can do for your online safety and security is to always stay educated about all things related to cybersecurity. Knowing the latest news and cybersecurity best practices will help you understand what you can do to protect yourself from common cyber threats such as malware.
Learn the signs of a malicious website
Knowing the difference between a legitimate and malicious website can prevent your device from being infected with malware. Some common signs of a malicious website include the following:
- A "weird-looking" URL: Instead of www.google.com, the URL says www.oogle.[weirdtext].com or www.g0ogle.com.
- The website says you've "won a prize": You haven't actually won anything.
- The website generates pop-ups with warnings or instructions: Upon visiting the website, you get pop-ups warning that your computer has been infected with malware, or that your software is out of date. Or the site may just automatically prompt you to download a file.
Stay protected from malware
Malware can affect both businesses and individuals, so knowing what it is and how to protect yourself against it can make a big difference. Since malware can also affect your credentials, another way you can protect yourself is by using a password management solution.
A password manager is a tool that helps you track, store, manage and share passwords with ease. A password manager also aids in creating strong, unique passwords for each of your accounts. This prevents you from using the same password across different accounts, which can be easily compromised if your computer were to become infected with malware. Password managers also help prevent keyloggers from being able to register your credentials since you won’t have to type them manually when you log in because of autofill.
As humans, we tend to believe what we see, which is why we often fall for malicious links. When a password manager like Keeper® is used, it can identify when a site’s URL doesn't match what’s stored in the user’s vault. This is why a password manager is a critical tool for preventing the most common cyber attacks such as phishing.