Malware, short for “malicious software,” includes any software (such as a virus, Trojan, or spyware, etc.) that is installed on your computer or mobile device. The software is then used, usually covertly, to compromise the integrity of your device.
Clicking on links in harmful websites, downloading infected software that may include toolbar add-ons and other apps, file sharing, and removable media are all ways to get malware.
Links or attachments in email, social media posts, and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
USBs and other external devices can also be infected by viruses and malware. Use your security software to scan them.
Viruses
Viruses are harmful programs that can be transmitted to computers and other connected devices in a number of ways. Although viruses differ in many ways, all are designed to spread themselves from one device to another and cause havoc. Most commonly, viruses are designed to give the criminals who create them some sort of access to the infected devices.
Spyware
The terms “spyware” and “adware” apply to several different technologies. The two important things to know about them are that:
- They can download themselves onto your device without your permission (typically when you visit an unsafe website or via an attachment).
- They can make your computer do things you don’t want it to do, such as opening an advertisement you didn’t want to see. In the worst cases, spyware can track your online movements, steal your passphrases, and/or compromise your accounts.
Botnets
One of the common types of cybercrime infects connected devices with specific types of malware, turning them into what are known as bots. Once a device becomes a bot, it is usually part of a botnet – a larger network of other infected devices that are all controlled remotely by hackers.
Botnets are networks of computers infected by malware (such as computer viruses, key loggers, and other malicious software) and controlled remotely by criminals, usually for financial gain or to send spam to infect more devices or launch attacks on websites or networks. A botnet can have anywhere from a few hundred to many thousand devices at its disposal.
If your computer is infected with this malware and part of a botnet, it communicates and receives instructions about what it’s supposed to do from “command and control” computers located anywhere around the globe. What your computer does depends on what the cybercriminals are trying to accomplish
Many botnets are designed to harvest data, such as passphrases, Social Security numbers, credit card numbers, addresses, telephone numbers, and other personal information. The data is then used for nefarious purposes, such as identity theft, credit card fraud, spamming (sending junk email), website attacks, and malware distribution.
Security professionals are always giving us warnings of what bad things can happen to us and our personal information, or what can happen to our business if we fail to protect our customer’s personal information. And saying the same things over and over about steps we must take and the things we must do to avoid these bad things. They keep telling us, but we don’t always listen. But they keep telling us because it’s true. And they see it every day.
To help avoid falling victim to malware or becoming part of a botnet you should follow the advice and steps below. If you take these steps consistently they will soon become habits that you just take for granted. Which is a good thing.
- Having the latest security software, web browser, and operating system, and keeping them up to date, are the best defenses against viruses, malware, and other online threats.
- Links in emails and online posts are often the way criminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete it.
- Be wary of unsolicited communications that implore you to act immediately, offer something that sounds too good to be true, or asks for personal information.
- Use strong passwords, eight characters or longer, and use a mix of upper and lower case letters, numbers, and symbols.
- Always opt to enable stronger authentication when available, especially for accounts with sensitive information including your email or bank accounts. Multi-factor authentication helps verify a user has authorized access to an online account.
- By regularly backing up your important files, you minimize the risk of a complete system failure caused by malware.