>How Does Malware Work?

The term malware refers to harmful software that may disrupt or manipulate a computer’s normal operations. Malware can infect any device that has computing capabilities; phones, tablets, personal PCs, company equipment, etc.

How does it work?

Malware typically infects a machine by tricking a user to click into and/or install a program they shouldn’t have from the internet. When the click or installation occurs, malicious code may execute damaging actions the user didn’t anticipate or intend.

The most common execution trigger is a click, typically on a link or pop-up. The content might say something provocative like, “Claim your prize!” or “Your account has been compromised. Please log in and verify recent charges.” Many times, a pop-up will be displayed immediately after clicking the link, such as, “Your system is infected! Click here to run a scan.” The next click often triggers the download of a malicious payload, even if the user doesn’t select one of the options and instead tries to close the program using the X.

Common malware types

Malware can be delivered in several different forms, depending on the intention of the person who developed it.

  • The most common type is a computer virus. They are designed to reproduce themselves and spread from one file or program to another, and sometimes to other computers a network.
  • Trojan horses are disguised as harmless programs, but can damage the host computer when activated by the user. Unlike a virus, a trojan horse does not replicate itself, but instead attempts to steal files or passwords.
  • Computer worms are designed to replicate themselves to spread through a computer network. The difference between worms and viruses is that viruses will usually only spread between files on a single computer, while worms are designed to spread between computers. This could be especially harmful to an enterprise network that has multiple machines on one network.
  • Spyware infects and operates on a user’s computer to monitor user activity and extract sensitive information. For example, when spyware runs on a machine, the hacker can monitor the programs used and sites visited while tracking keystrokes to determine user login information, such as passwords.
  • Logic bombs are concealed in programs and can either be triggered by a user’s action or released at a predetermined time. They can crash a system or wipe a hard drive clean.

Ransomware is a form of malware that locks a user’s computer and demands a ransom payment to restore access. This can be delivered to a computer if a user clicks on a link that contains the malware. It most often resembles a phishing attack, where a scammer sends emails that appear harmless in order to gather personal information like passwords, banking details, credit card numbers, or even Social Security numbers.

These messages usually look pretty legitimate, but once the recipient clicks or downloads, the hacker may gain access to the user’s computer. As mentioned above, they often begin as a phishing attack, except it goes a step further in inciting panic that could urge the user to quickly take the desired actions of the scammer.

Ransomware best works with fear – that is, the fear that a user has engaged in illegal online activity. The scammer may pose as a law enforcement agency and can intimidate a user while seeming legitimate. In other cases, the ransomware may straight up freeze the computer and demand a payment. It may not only withhold access to the machine, but also threaten to delete the sensitive files unless the payment is made.

Signs of malware on your computer

Ransomware is the most obvious form of malware, as it is usually in the form of a phishing attack and if you have decent knowledge in web security, you can easily separate the fake emails from the real. Not all malware, however, is as obvious as ransomware. Some malware runs almost undetected in the background of your device. Below are some common signs that your computer may have fallen victim to malware:

  • Ads pop up seconds after loading a web page
  • Ads pop up when the user is not using an internet browser
  • Redirect chains, or when a website URL keeps changing and sending the user to other pages
  • Email or social media contacts receive strange messages from the user that they did not send
  • The user’s system may slow down
  • The user cannot access the Control Panel on a Windows system

When suspected malware is active on a device, you should disconnect it from the internet and take appropriate steps to remove the malicious software.

Protecting devices from malware

With the increase in malware in recent years, anti-malware software has become increasingly common. Most new computers and mobile devices are bundled with device security and/or ant-malware software when purchased.

Malware and viruses most commonly infect Windows devices, so you should ensure your Windows machine has the following:

  • Antivirus software
  • An active firewall
  • Strong passwords
  • BIOS/UEFI password

There are various well-known technology service providers that ensure your system has the above recommended defenses, seek help from a trusted source.

Well-known antivirus software:

Beyond these measures, avoid downloading apps or programs from suspicious or unknown websites. Similarly, don’t click on suspicious ads or popup ads. Treat all emails that request sensitive information with caution, even if they appear to be from a familiar source.

Leave a Comment