All right, Word Nerds! Happy flu season–make sure you get vaccinated, stock up on that Vitamin C, and wash your hands until the skin is red and chapped. No one likes getting sick, and infections are the worst. Viruses are no fun, whether they’re biological or cyber. And since we want to stay healthy on ALL fronts, let’s talk a little bit about malware.
What Is Malware?
The word “malware” is actually a mash-up of the term “malicious software.” It’s so modern, it created its own celebrity couple name, like Brangelina or Kimye.
The term “malware” is a blanket term—it actually covers a wide range of different programs, all targeting you and trying to get something from you. (It could be money, it could be information. All things you don’t want to give these attackers voluntarily.) Like many celebrity couples, malware gets a lot of attention without giving a whole lot of value to those of us who have it thrown in our faces. (Those behind the scenes, however, can gain a lot from exploiting us little people.)
7 Common Types of Malware
We’ve put together a short list of some common types of malware here, but keep in mind that this list is not exhaustive. Not only that, but the clever attackers out there are constantly adapting themselves to try to get into systems as sneakily as possible. At least with this list, you can identify some of the basic forms that are commonly used.
Most people by now have heard of computer viruses. (If you haven’t, welcome to the future.) The computer virus attaches itself to a regular program and then, once the user opens the program, the virus spreads by making copies of itself and infiltrating other computer programs—much like a flu virus, which copies itself and infiltrates other vulnerable host bodies. (This is how the zombie apocalypse will begin.)
These are called worms because they worm their way through machines, infecting entire networks of devices. Worms do not require actions by the users of the computers to move through the system. They can be capable of spreading themselves through e-mail attachments (if the worm gains access to your contact or address book, it can send itself to all of your contacts).
Trojans (Trojan Horses)
Trojans are the wolves in sheep’s clothing. They pretend to be useful and safe applications in order to access your system. Once the Trojan is in, it starts carrying out functions in secret, so that the user doesn’t see what the program is doing.
Another clever little mash-up, adware is ADvertisement softWARE. Usually included in free software, it can be legitimate. (After all, they have to pay for that free download somehow, and allowing advertisers to purchase space is one way to do it.). However, it can be problematic if it starts showing pop-ups or fake websites, or makes changes to your system or browser settings without your permission. Not cool.
I’m actually surprised that the old desktop I had in college lasted as long as it did. When I was young and foolish, I downloaded all kinds of things I probably shouldn’t have–that thing was probably drowning in adware.
James Bond’s favorite malware. This one watches activity on the computer and collects data before sending it back to the attacker. This might include your internet history, any apps you might have used, messages you send. Spyware might wind up on your computer through downloading a Trojan or some other way.
In some cases, you may use spyware as a tool—there are some programs designed specifically as spyware (for parents to monitor their children’s internet use for example) and is designed to be ignored by your antivirus program. However, there are also cases where people may use spyware to spy on their spouses, and employers may use spyware to spy on their employees.
You may have heard of ransomware after the Wannacry bug that locked up the UK’s NHS in 2017. This type of malware is not subtle, not secret. If you have ransomware on your computer, it will announce itself very clearly—by encrypting your system and locking you out until you pay a ransom (usually in bitcoin or other cryptocurrency) usually within a given timeframe, or else…
The good news is, you as an individual are not that likely to be a victim of ransomware—the real money is in holding businesses or government entities for ransom. But it is something to be aware of, as it an effective technique and doesn’t appear to be going away anytime soon.
A keylogger is a malware program that can record all of your keystrokes on the keyboard—storing the intel it gathers and sending it back to the attacker. All of your keystrokes. Whether you’re writing an e-mail to your mom or you’re typing in usernames, passwords, credit card information.
Here’s another thing, which adds more layers of frustration—not every malware is a straight example of one of these. There are some that are combinations of these examples. For example, you may have a ransomware program that has worm capabilities that allow it to infect networks. Awesome, right?
Where Does It Come From?
Way back in the day (and by way back, we mean…B.I. Before Internet), malware needed to be physically delivered to the machines. This meant that the programs were saved to floppy discs or CD-Roms (does anyone remember those?) and physically, manually delivered to the target machine.
Now, however, the internet has made the spread of malware outward from Patient Zero much more effective. Most commonly, you can download your very own malware from a phishing e-mail, likely with an attachment. (We’ve talked about phishing before. This is, again, why it is so important to actually look at the circumstances surrounding any suspicious messages and think before you click on links or attachments.)
Often attackers will try to make things sound as legitimate as possible to get you to click on the link that will download their malware onto your machine. They may claim that you’ve won a contest, or that you need to check your online banking account, or that you’re delinquent on your taxes, or that you failed to report for jury duty. Always, always be suspicious of these e-mails. Verify the information independently before you click on anything. (The government will not just send you an e-mail out of the blue. They’ll send you a nastygram in the snail mail if you’re really delinquent on anything.)
Is My Phone Safe?
I wish I could tell you that your smartphone is safe from malware. Unfortunately, that same amazing device that puts the world at your fingertips includes both the good and the bad.
Since most people don’t protect their phones like they might protect their computers, it may actually be easier to get malware on your phone. The screens are smaller, you may not be able to see the activity running in the background as easily. A hacked microphone and camera can follow your every move, your every conversation (kind of like that song, “Every Breath You Take” by The Police. I still don’t understand why some people think it’s romantic. It’s so clearly about stalking to be scary).
Some iPhone users may think that since they have an Apple device, they’re protected from malware. Well, hipsters, you can give yourselves a round of applause—but you’re not getting away scot-free. While it’s true that there aren’t as many malware programs targeting Apple products, you are still perfectly capable of receiving scam calls and texts. If you tap a link that takes you to a spoofed website (which may look legit, but isn’t), and enter your login information, you can still find yourself in trouble. Having an iPhone isn’t a substitute for good old-fashioned Constant Vigilance.
Well, Shoot. How Do I Get Rid Of It?
The good thing is, if you practice good cyber hygiene at home, you can likely protect yourself from a lot of malware attacks. (Yes, it’s called “cyber hygiene.” Just like you shower and brush your teeth to keep yourself so fresh and so clean, you need to do basic maintenance to keep your machine working and clean.)
Keeping your software patched and performing updates on your system goes a long way. Usually the updates are intended to protect you from falling victim to known attacks and known vulnerabilities. Don’t wait too long, as you don’t want cracks to form in your castle wall. Patch that stuff.
Remember to watch out for phishing e-mails. Don’t click on shady links. Be very careful about what you download—that game that looks super fun could be loaded with adware.
Of course, the best way to protect yourself at home is to invest in some good anti-malware. Run your virus software on a regular basis. Update your program so that the virus definitions are current. Some advanced antivirus programs not only detect viruses, but also have tools to remove malware if it’s located on your machine. And, regular backups of your machines can save your bacon in the case of a ransomware attack. An easy mitigation is to restore from a last known good backup.
Once again, we are not compensated for any mentions or shout-outs appearing in this blog post. If you like what you’re reading, please like us on Facebook, follow us on Twitter, and/or subscribe to our e-mail list. As we move into December, we will be planning lots of fun things for 2019, and we would love to have you along for the ride!