A Brief Guide to Malware and What to Do About It

Doing anything online comes with its own set of risks, of course, but it’s hard to be fearful of the vague threat of being told to avoid viruses. As it turns out, there are more things to be wary of besides viruses, which are only one type of malicious software, or “malware.” Malware is any piece of software that can be utilized by one user to do harm to another user, device, server or network. Victims of malware attacks might experience new nuisance behaviors on their device, privacy invasion, financial theft, data manipulation and more. Furthermore, some of these versions of malware even team up to maximize their damaging effect on a victim’s system.

In a world beyond simple viruses, what are these additional risks? What do they do? How can you tell if your computer has been infected with malware? What can you do about it? Our chart on this page provides you with a brief glimpse into seven common varieties of malware and what happens if they find their way onto your device. Each malware category is explained in greater detail below the chart, as well as what to do if you discover malware. You can also find tips on how to prevent the introduction of malware into your system in the first place.

A “virus” is not a term that is interchangeable with “malware.” Instead, a virus is a category of malware. It creates copies of itself to spread from device to device. Most viruses are attached to an executable file, which means that the virus is only activated when a user unknowingly runs the malicious host file or program. When that happens, the viral code will be executed alongside the code for the host program. Computer viruses can infect a device when a user downloads an infected file (intentionally or not). This download can be initiated by interacting with pirated media, free games, phishing emails, malicious websites or links to insecure content.

How to Spot a Virus:

Like a virus, a worm is a set of infected code that can be transmitted from device to device. A worm is different from a virus in that this type of malware is self-replicating and can cause damage without depending upon human action. Additionally, although worms can also gain access to your device through suspicious message attachments and spammy instant messages, they tend to seek instabilities in their target systems that they can exploit. Once downloaded, a worm can modify, add or delete files, hog a computer’s physical and digital resources, steal data and install a backdoor to allow a hacker into your device’s system.

How to Spot a Worm:

Trojans are types of malware that operate under the disguise of legitimate programs or links. Once downloaded, it generally offers its host hacker access to your device—this is usually how trojan-based identify theft begins. Some trojans will sit dormant on your device until further instructions come from the host hacker, while others are designed to begin immediately. Aside from being a backdoor to your device for cyber criminals, trojans can also try to deactivate your security software, bypass your security settings and introduce additional malware to your system. They have also been known to hijack devices into forced involvement with something called a Distributed Denial of Service (DDoS) system. That just means that, if your device gets strapped into this botnet, it will be forced to participate in attacks on other systems or networks by overloading the victim’s internet traffic capabilities.

How to Spot a Trojan:

Ransomware is a recognizable type of malware that is often delivered through a trojan embedded in the phishing emails, suspicious attachments and unsafe links. Once downloaded, a hacker can enter your device’s system through the trojan code to begin controlling your data. Some hackers wait to observe victims to get a better idea about the ransom amount that user could pay, to check out what kind of information is on the computer and to ensure that there are no backups that the victim could use to restore their content and get around the ransomware. Other cyber criminals waste no time on surveillance and begin locking things down immediately.

Either way, a victim will find a message announcing that their data is being held hostage in exchange for payment. Their files and programs will be either partially or fully restricted until the perpetrator’s desires are realized (although there are no guarantees that the promise of data release will be honored). Some versions of ransomware will delete the data if the deadline is not met, others threaten to publish that data publicly if their demands are not satisfied.

How to Spot Ransomware:

Adware affects your system’s advertising behavior. If infected, your system might be throwing up ads everywhere it can on your screen. This particular type of malware generates money for its creators through two types of revenue: cost for displaying the ad on the screen and cost for each click through which the end user accesses the ad. These can get into your device when you download “free” software or when you visit an infected site that takes advantage of vulnerabilities in your browser. Although this seems more annoying than harmful, some versions of adware tag team with spyware to report information back to whoever unleashed them. Although that information is theoretically data that helps the adware know which ads to show you, you might not know if it is stealing any extra information from you.

A related term to know here is malvertising, which involves the use of legitimate advertising to secretly introduce malware onto a user’s computer. An ad infected with malvertising software would appear to originate from a real website but clicking on it would deliver a user to a site that it did not advertise or it would prompt a forced download of malware before the user can do anything about it. A malvertising link might carry a user to a website that advertises something other than what the user was looking for, or the website itself could contain malicious content.

How to Spot Adware:

Spyware is software that covertly gathers data about a victim through their system. Although this software is sometimes implemented by users to view what their loved ones do online (for example, some parents supervise their child’s online activities as those children learn to navigate the digital world responsibly), it can be used by hackers to steal sensitive data. This can be done by logging keystrokes (what you type on your keyboard), harvesting login credentials, implementing banking trojans, recording audio or video and more. It can track things like geographical location, call logs, contact lists, photos taken on your phone and cookies from your browser.

Although this type of malware can be introduced to a victim system through a trojan code or phishing link, it can also be installed by someone who has physical or Wi-Fi access to your computer. Remember to lock your devices with passwords, never leave them unattended in a public place and be sure to use Wi-Fi you trust completely. If you cannot be certain of a secure Wi-Fi but you do need the connection, use a Virtual Private Network (VPN).

How to Spot Spyware:

Fileless Malware

Fileless malware makes up approximately 50% of malware today and doesn’t exploit users through the traditional file system. Instead, it infects devices under the guise of legitimate programs so that it can sneak undetected into your device’s memory without even touching the hard drive. It can therefore make changes to the files that are native to your Operating System (OS). This makes it tough to discover and remove.

Scareware

Scareware is a social engineering strategy by online perpetrators to scare users into believing that they need to immediately download or purchase something. This is one method cyber criminals use to force victims into interacting with malicious content. Frightening users into performing a desired action immediately can result in the loss of privacy, information and money on the part of the victim.

Rootkit

A rootkit is an application which allows remote access to your device by a third party. Although this software can be positively utilized by IT professionals trying to help frantic users do damage control on their devices, it can also be used by cyber criminals to gain access to a victim’s personal data.

Know the basics of staying safe online. Here are some pointers: