The online world is integral to the success of your business; for your website, emails, customer records, accounts, invoicing, e-marketing etc. But the internet contains many potential threats to your livelihood and it’s important that you take your online security very seriously.
So what is malware?
Malware is a broad term that covers all sorts of malicious software that is specifically designed to gain access to your computer and inflict damage, steal personal information or just cause chaos. The cost to your business could be huge, not just financially but also in terms of destroying your reputation.
It’s worth taking time to make sure you are able to recognise the different sorts of malware out there and how they may be a threat.
Keep on the look out
The most commonly known type of malware is a computer virus. Like a real virus, this form of malware can duplicate itself and spread to other devices and attach to various programs. It gains access through attachments to email and text messages, downloaded files from the internet, scam social media links and app downloads. Computer viruses can cause severe damage in several ways; including stealing data, attacking the host computer/network, creating botnets and stealing money.
It is good practice to never download text or email attachments that you’re not expecting, or files from websites you don’t trust. However, the best way to protect against viruses is with strong and up to date antivirus software.
Another common form of malware is a worm. Worms usually spread over computer networks by exploiting vulnerabilities in operating systems. They cause harm to networks by consuming bandwidth and overloading web servers. They can also deliver pieces of code (called “payloads”) written to perform specific actions on infected computers. Like viruses, they are designed to steal data, delete files and create botnets. Unlike viruses however, worms can spread without the aid of human intervention, for example by creating mass emails with infected attachments and sending them to email lists.
Beware the ads
Adware is the term used for advertising-supported software. This is a type of malware that causes unwanted advertisements such as pop-up ads to appear on your computer. It tracks your browser history and downloads in order to predict what products or services you’re interested in. Adware isn’t always malicious and free versions of software are often inundated with it. At best it is annoying, but this intrusive form of advertising can slow down your computer and can often be infected with other viruses such as dangerous spyware, which tracks user activity and steals information.
Are you being watched?
Spyware is one of the worst forms of malware as it obtains personal information from an infected computer without the user’s knowledge or permission. This can include monitoring activity, collecting keystrokes and data harvesting. Spyware can capture very sensitive information and can have additional capabilities, such as modifying software or browsers security settings or interfering with network connections.
A Trojan is a type of malware that sneaks onto your device by disguising itself as a regular file or piece of software and fooling users into downloading or installing it. It can give third party access to your device, giving the hacker the ability to steal sensitive data and information, install more malware, modify files, monitor user activity, create botnets and engage in anonymous internet activity.
Often employed as part of a trojan attack, keystroke loggers (or keyloggers) are on the increase. They aim to steal a user’s information by creating a record of every entry made with a device’s keyboard. As there are legitimate uses for this type of software, it is often very difficult for antimalware programmes to detect them. They can be used to gather information such as passwords, bank details or other confidential data.
What’s lurking out of sight?
A rootkit is a type of software that hides the fact that a computer has been compromised by replacing vital system functions. By ‘hiding in plain sight’ rootkits can be easily overlooked by antivirus software. The rootkit itself isn’t harmful, it is the malware it hides that is dangerous. When the rootkit has infiltrated the operating system it automatically activates before boot up and therefore makes it extremely difficult to detect. This allows the targeted computer to be accessed without a user noticing. The very nature of the rootkit makes them notoriously difficult to remove.
A bot or internet robot is a software program created to perform a specific task. Bots can be used for non-malicious purposes and aren’t uncommon. However, malware bots infect a ‘host’ and connect back to a central server or servers. The server then acts like a ‘command and control centre’ for a network of compromised computers and similar devices. Bots are usually used to infect large numbers of computers and form a network or ‘botnet’. They have the ability to self-propagate and are used to gain total control over a computer and can then perform DDoS attacks, gather passwords, log keystrokes, open back doors on the infected computer and distribute malware through platforms like websites that provide collects of dubious but apparently useful downloads.
Spear phishing isn’t a type of malware in itself, but a rather common method that it’s important for business users to be aware of. Phishing is when someone makes a fraudulent attempt to learn your usernames, passwords, bank information, or other personal details by making themselves appear trustworthy. While phishing attacks are typically generic and non-targeted, spear phishing is tailored to its target. It works by sending targeted emails to individuals encouraging them to open an attachment or click on a web link, so the malware can be downloaded or your details stolen. Spear phishing often implies that it comes from an individual or organisation you already have dealings with. This makes it more likely to gain the trust of the recipient and follow the instructions.
Scareware attempts to trick people into downloading more dangerous malware or paying for unnecessary software. It usually uses tactics to ‘scare’ the user into fast action and a typical creates a popup on a user’s machine warning them their device has been infected. They are then directed to a bogus website where they’re encouraged to download a fake antivirus program, which might do nothing or may even actively infect your computer with other malware. The more menacing the claims the more likely you are dealing with scareware.
Don’t be held up
Ransomware is growing in popularity, and works by encrypting critical files on a system, then demanding payment in exchange for the decryption key. This type of malware attack can be especially crippling to many businesses, as it can leave them without access to essential files and applications.
It can be a dangerous world out there on the internet. Breezit offer powerful protection and peace of mind from all types of viruses and malware. Please click here.