Malicious software is a method of performing a cybersecurity attack, and uses software that has malicious (meaning bad) intentions to undertake the attack. It is another term often heard when discussing cybersecurity and can sometimes be referred to as malicious code or malware, which is the term we will use in this guide. If you haven’t already read our introduction to cybersecurity post or need a refresher, click here.
This post will describe a range of malware types and will give some top tips on how to protect yourself from them. For all of these types of software, having an UP TO DATE anti-malware software is a really good strategy.
Trojans
Named after the infamous wooden horse from Homer's Illiad [1] a trojan is a piece of malicious code hiding inside a piece of 'attractive' code. This could be any piece of executable code such as a game or application. This appealing program will be hiding the malicious intent of the code stored inside. Trojans can store a range of different types of malware, which will also be explored in this article.
Top tips to avoid Trojans:
Only download software from reputable sources online. Do not download software or games from places that look suspicious.
If you have protective software installed then run a check of software before running it.
Viruses
The next type of malware to discuss is viruses. Viruses are self-replicating software that attach themselves to executable files and infect them with their code. Then when those files are executed, they infect more files.. and so on. Viruses can alter how your programs function and what is recorded on each program.
Top tips to avoid Viruses:
Invest in an anti-virus software and run regular scans. This software will quarantine any files that are recognised to be malicious and this will prevent them from infecting further programs.
Adware
Adware is malware that shows advertisements to the user. This is usually when the user is offline and can disrupt the usual operations of the computer or be distracting. Generally these advertisements are to try and convince the user that they have won something, that they wish to look at a web page or that their anti virus is out of date. Please note: if you are seeing recurring advertisements when online this can be due to cookies which track your browsing history but are not a virus.
Top tips when infected by adware:
The biggest tip that I can give is to not click on the advertisement, as this will most lileky install further malicious software, or attempt to take your personal details.
Take a back up of any files, and then run an adware scan to dispose of the adware. By taking a back up of files you can ensure that you will not lose these files.
Ransomware
Ransomware is malware that holds your files to ransom. It will often freeze out your computer and give you a pre-determined amount of time in which you are asked to pay the attacker money to unlock your machine and de-crypt your files. There have been cases where ransomware attackers have taken a leaf out of phishing attacker's books and have tried to appear as reputable organisations such as Interpol. Although this may make the attack seem more convincing, do not fall for it!
Top tips when infected with ransomware:
Do not pay the attacker the money. The attacker will generally have access to a lot of your personal data regardless and although you will get your files back, they tend to ask for multiple payments to de-crypt all of it.
Take your machine to a professional who can eradicate the ransomware.
Spyware
Spyware is one of the hardest malware types to detect and is one of the most dangerous. Spyware is software that spies on your actions on your computer. This can be your keystrokes, microphone speech and webcam footage. Think about the steps you have taken to get to this website (if you are viewing it on a PC). You have logged into your machine, using your passcode, you may have logged into emails using a password, you may have answered security questions for other websites or had sensitive conversations around your microphone.
Questions to ask yourself to identify a spyware attack:
Has your password been used without your knowledge?
Have you been a target of many phishing emails or blagging attacks using your personal information?
Are there suspicious logins to your accounts from locations you do not recognise?
Are there sums of money vanishing from your bank account or have there been a large number of purchases made to an address you do not recognise that you did not authorise
By answering these questions, you can determine if you have been infected with spyware.
References
[1] Homer (1997). The Iliad. Translated by J. Davies. Introduction and notes by D. Wright. London: Dover Publications.
Comments