Unfortunately, malware is not a foreign term, in fact it’s pretty well known to anyone that uses a computer. There are several types of malware, as well as mediums in which you may receive it. So, before you click on that link for the free cruise you won, think about all of the personal data you could be giving away.
Types of Malware
First, let’s take a quick tour of the types of malware you may run into.
Viruses: These act very similar to the flu virus. Once it gets into a computer, it propagates by copying itself and becoming part of another program. Then just like the flu at an elementary school, it spreads from computer to computer.
However, a virus must be activated, by opening or running the file. Viruses also include worms and trojans.
Spyware: This form of malware works just as its name intends. It is a software that usually piggybacks on legitimate downloads. Once it is in your computer, it spies on the information you key in and sends it to a website. The first sign of spyware usually is a slow computer since it takes up many resources to run.
Adware: We all know this one all too well. Those pesky pop-ups telling you your computer is infected or that you won money. These also piggyback on other applications or downloads, such as free computer wallpaper, widgets or toolbars.
Adware is kind of tricky, inherently it isn’t dangerous to your computer, although annoying, but not dangerous. However, once clicked on you’ve basically opened the floodgates.
Ransomware: With the popularity of cryptocurrency, ransomware has become more and more abundant. Often, this type of malware won’t damage your computer… right away. Instead it locks it and holds it hostage.
The hacker asks for a ransom and will provide a key only if and the ransom has been paid. If not, the hacker will usually wipe your device of all of its data.
Botware: This is another malware beginning to gain popularity due to the cryptocurrency gold rush. Botware ultimately turns your computer into a zombie by flooding it with denial-of-service attacks. It helps hide anything going on below the surface.
A surprising symptom of botware is a higher electric bill. Your computer’s CPU will be running constantly and the fan will run for longer than usual.
Now that you are a bit more familiar with the mischievous malware that could corrupt your devices, it’s time to delve into a lesser known malware scam known as malvertising.
This has been gaining headway on Google, so much so, they created an individual landing page asking consumers to report malvertising and explaining how to combat it. The way this works is that cybercriminals utilize several types of display advertisements to distribute malware. A few ways you’d see malvertising is through auto-redirecting ads that will take you to a phishing page, click bait and malicious code hidden within an ad.
Sadly, cybercriminals usually use legitimate ad networks because of the high volume of ads they distribute. It makes it incredibly easy for them to throw a code into an ad without the advertiser having the slightest clue.
The worst malvertising connects users’ computers to an exploit kit that runs analysis on the defending computer, looking for vulnerabilities and exploiting them. From there, attackers can install malware, ransomware or gain full access to the computer and sensitive information. Sometimes Google may even flag your website for hosting malware, which will affect how you show up in search results.
What You Can Do
Like most other malware situations, the best way to keep it from ruining your device or even your life, is to keep everything up to date. It is important to ensure any scripts ads may be running on are current. This includes programs like Java, Flash and Microsoft Silverlight. Ad networks are working hard to stay above the curve, but it is your responsibility to help with that.
Be sure to report any suspicious ads to Google. If the ad’s script contains suspicious code, including encrypted code, it should be treated with suspicion. Remove the ad from your website and report it to your ad network.
Also, there are many ad verification websites that help back check ads for suspicious code. The bottom line with any mischievous malware is to keep your eyes open and report foul play.
Security Awareness Training and Educating Your Team
There are a number of managed security solutions that will stop a malware attack before it can occur. Your team members are actually your greatest threat. A security awareness training solution will keep your team educated through real-life email experiences.
This kind of solution phish tests your employees. This involves sending them fake phishing emails as a test. If a team member ends up clicking on mock malicious link they will be redirected to a customized educational page. This will explain why they failed the phish test so they don’t do so in the future.
They will also continue to be phish tested until they pass. This way your team will have an awareness of what a malicious email looks like.