Home > Empowering Tips > 9 Common Types of Malware & How to Prevent Them
Malware is one of the biggest security threats to businesses today.
If a malware attack is successful, it can cause serious impact on the productivity and profitability of a business. Businesses or individuals that are victims of malware attack often experience damaged computers, stolen data, system disruption, unexpected down time or other more costly consequences.
Thus, it is important for us to know how to recognize the different types of malware in order to help protect ourselves and our business’ systems from being compromised. In this article, we’ll cover the 9 most common types of malware.
What is malware?
Malware is a malicious software that is developed to cause harm on an organization or an individual. Cybercriminals typically use it with harmful intent, such as stealing confidential data, infecting and hijacking computers to perform malicious acts, or disrupting systems for monetary gain.
Where does malware come from?
Malware can spread through a number of ways: when you download and install an infected program; when you click an infected link or open a malicious email attachment; when you reveal your personal information to a phishing site; when you download a file or click a link or ad from an infected website; or when you are sharing network with a malware-infected computer.
The common types of malware
A virus is a type of malicious software that can replicate itself by inserting its code into other programs or files. When these infected programs or files are executed, the virus can spread to other systems and cause harm, such as deleting files or stealing personal information.
A worm is also a type of malicious software, but unlike a virus, it can spread itself without needing to infect other programs or files. Worms can replicate themselves and spread through networks or the internet, causing damage to systems and stealing sensitive data.
A trojan (aka trojan horse) is a malware that disguises as a legitimate software or program, tricking users into downloading and executing it. Once a trojan is executed, the hacker can use it to gain access to your network, modify or delete files, spy on your device, or hijack your device to carry out cyberattacks.
Ransomware is usually carried out via phishing scams, where the user is tricked into clicking a link that downloads a malicious script, which proceed to lock and encrypt the files on the user’s computer. In order to get a secret key to decrypt and recover the files, the user must pay the attacker an amount of money (the “ransom”).
Ransomware is one of the most popular types of malware among cybercriminals these days because it is so profitable.
Unlike traditional malware that uses executable files to infect a device, fileless malware uses non-file objects like PowerShell, Windows Management Instrumentation (WMI), Microsoft Office macros and other system tools. Because fileless malware is memory-based, it disappears once the system is rebooted. But this also means that it is harder to be detected and traced by anti-virus software.
Fileless malware can be used by attacker to hack a computer, steal data, or download tougher malware in the system.
Spyware is a type of malware designed to spy on its victims. It collects information about the victim and reports back to a remote attacker. This information includes passwords, payment information and other personal information, which can be used for fraudulent purposes. A typical example of spyware is a keylogger, which records all your keystrokes to capture your sensitive information.
Adware is a form of malware that displays unwanted advertisements on your computer. While adware is usually harmless, it can be very annoying, and may slow down the victim’s computer. Some adware redirects to unsafe sites that contain spyware and trojan, which can cause serious issues to your computer if they are downloaded.
Bots and Botnets
A bot (short for “robot”) is a computer that has been infected with malware and can be used to execute tasks by a remote hacker. A botnet (short for “robot network”) consists of multiple bots, which are all under the control of a single hacker. Bots and botnets are often used to perform distributed denial of service (DDoS) attacks or brute force attacks.
Mobile malware is designed specifically to target mobile devices like smartphones and tablets. It can spy and record texts and phone calls, steal credentials, or access data on the device without the user’s consent.
Mobile malware is often distributed through SMS phishing, or installation of malicious app that is downloaded through insecure source. This kind of malware has become more common these days due to the increase of smartphone and tablet use by organizations and individuals.
How to prevent malware?
Now that you have an idea about the common malware attacks, it is equally important to know how you can avoid them. Here are some useful tips to protect yourself from malware:
- Keep your operating system and applications up to date. Cybercriminals exploits security holes in old and outdated software for their attack, so be sure to update your software with the latest security patches.
- Regularly scan your device with an anti-virus software to capture and remove any malware or suspicious files.
- Beware of phishing and spam emails. Don’t click links, download attachments, or respond to message of an email that comes from an unknown sender. If the email appears to come from your bank or other legitimate sites, verify with the sender before clicking any links or providing any details.
- Never click on unknown links. Whether it comes via email, text message or social networking site, if the link looks unfamiliar or suspicious, avoid it.
- Avoid clicking on pop-up ads. Some ads may link to unsafe sites or dangerous file links, which could place you at security risk.
- Download applications from legitimate websites or official app stores only. Avoid downloading free applications or shareware from unreliable or suspicious websites.
- Use strong and complex passwords with combination of uppercase and lowercase letters, symbol, and numbers.
- Avoid using public Wi-Fi or networks. Hackers often set up fake hotspot that tricks users into connecting to the network for free. They can easily intercept a user’s connection, and proceed to steal information and distribute malware.