Short for “malicious software,” a piece of malware is a computer program that helps cyber attackers carry out malicious activities using your computer. A careless download or visit to a malicious site can cause a piece of malware to be installed on your system. And it won’t take long before it starts stealing your files, deleting important data, or spying on you.
There are many types of malware, each one specializing in a specific kind of mischief.
Read More about Malware
7 Most Commonly Seen Types of Malware
Knowing the different malware types can guide you in warding them off. We listed some of the most commonly seen malware kinds below.
While the term “computer virus” used to refer to malware of all kinds, that is no longer the case. Today, viruses comprise just one malware type, which multiply or copy themselves to spread from one computer to a connected device. To do that, they modify programs on an infected system. Once the infected program runs, the virus does what it’s designed to do.
Worms are probably the oldest malware. In fact, the first “virus” or what we know now as “malware” is the Creeper Worm. Like viruses, a worm spreads from one computer to a connected device without human intervention. Unlike a virus, though, a worm spreads even if a user doesn’t open any program on his or her computer.
Today, Trojans have taken the place of worms as the most commonly used malware type. Trojans are hard to detect because they typically mimic legitimate programs, hence the name. But unlike worms, Trojans require an action on the part of a computer user to run. As such, hackers typically send them as email attachments that users download and install or as embedded links that take victims to malicious pages.
Ransomware are specifically designed to encrypt certain types of files on a user’s computer. They usually come with a ransom note asking victims to pay up or lose their files forever.
While adware are not all malicious, they can certainly be annoying. They expose victims to unwanted advertisements. To do that, they redirect users’ browsers to pages that ask them to answer surveys to win prizes, for example. Little do victims know that these pages are fronts for phishing attacks.
Malvertisements work like adware. But unlike the latter, malvertisements hijack legitimate ads or ad networks to deliver malware to victims’ systems. Hackers embed malicious code into an ad. When clicked, users will be redirected to malicious websites or install malware on their computers.
How Do Computers Get Infected with Malware?
Computers can get infected with malware through these common methods.
- Email attachments and embedded links: Malicious email attachments can contain malware. Opening them may trigger malware installation. Clicking links embedded in phishing emails can also lead to malware-hosting sites, initiating a drive-by download.
- Phishing attacks: Phishing involves tricking users into revealing sensitive information or downloading malicious content. It can happen through emails, messages, or fake sites mimicking legitimate ones.
- Infected sites: Visiting compromised or malicious sites can expose your computer to malware, as they may contain hidden scripts or exploit vulnerabilities in your browser or plug-ins.
- Malicious downloads: Downloading software or files from untrustworthy sources can introduce malware to your system.
- Removable media: Infected USB drives, external hard disks, or other removable media can spread malware when connected to a computer. Auto-run features can facilitate the automatic execution of malicious code.
- Software vulnerabilities: Exploiting security vulnerabilities in operating systems (OSs), software, or plug-ins is another common infection method.
- File sharing: Downloading files from peer-to-peer (P2P) networks or using file-sharing services for illicit purposes can expose your computer to malware.
How Can You Prevent Malware Infection?
Preventing malware infections involves adopting a combination of good practices and using security tools, such as:
- Using antivirus and anti-malware: Install reputable antivirus and anti-malware on your computer and keep them updated to ensure they detect and remove the latest threats.
- Keeping software updated: Regularly update your OS, software, and plug-ins. Software updates often include security patches that address vulnerabilities exploited by malware.
- Using a firewall: Enable a firewall to monitor and control incoming and outgoing network traffic. Firewalls can prevent unauthorized access to your computer and provide an additional layer of defense against malware.
- Exercising caution with emails: Be wary of email attachments and embedded links, especially if they come from unknown or unexpected sources. Avoid opening attachments or clicking links in suspicious or unexpected emails.
- Using strong and unique passwords: Create strong and unique passwords for your accounts and avoid using the same password across multiple platforms. Consider using a password manager to generate and securely store complex passwords.
- Enabling two-factor authentication (2FA): Whenever possible, enable 2FA for your accounts to add an extra layer of security, as it requires a second form of verification in addition to your password.
- Educating yourself and your employees: Stay informed about common cyberthreats and educate yourself and your employees about online security best practices. Awareness is crucial in recognizing and avoiding potential threats.
- Backing up files regularly: Regularly back up important data to an external drive or a secure cloud service. In the event of a malware infection, having a backup ensures you can recover your essential files.
- Being cautious with downloads: Only download software, apps, and files from reputable sources. Avoid downloading cracked or pirated software, as these often contain malware.
- Configuring browser security settings: Adjust your web browser’s security settings to a level that balances security and usability. Keep plug-ins and extensions updated and consider using ad and script blockers.
- Regularly scanning for malware: Perform regular malware scans on your computer using your antivirus to identify and remove any potential threat.
Today’s malware no longer sport the payload of a single type. Most combine the features of various malware types to successfully take over victims’ computers. The good news is that a lot of them can be detected by anti-malware.
Regular patches to prevent vulnerability exploitation, another commonly used means to get malware onto target computers, also work. An example would be Wannacry. While it is considered a ransomware variant, it was distributed via the Eternal Blue exploit, which affects vulnerable Windows systems.