Security Awareness Tip: Malware

Malware is short for malicious software. It is software developed with the intention of gaining access or causing damage to data, computer or network of computers.

What are some types of Malware?

  • Virus: Viruses attach themselves to files or programs and infect other files. Viruses can be used to steal information, damage a system’s functionality, and delete or corrupt files.
  • Trojans: Disguises itself as a normal file or program that has been tampered with. Trojans tend to create backdoors in your security to steal data, install more malware, modify files and monitor user activity.
  • Ransomware: Restricts access to the computer by encrypting files on the hard drive or locking down the computer. Messages are displayed on the computer monitor demanding a ransom to remove the restrictions and regain access to the computer.
  • Spyware: This malware spies on user activity without their knowledge. It hides in the background and takes notes of online activity including account information, login/password, credit card numbers and more.

How to prevent Malware on your work computer.

  • Be aware of phishing emails with attachments or links.
  • Hover over links in the body of the email to validate the URL.
  • Validate the sender's email address if it’s from a legitimate company/department.
  • When in doubt, seek advice from the IT Department to verify the validity of the email.

How to prevent Malware on your mobile devices.

  • Be aware of suspicious text messaging and emails: Do not click on links or download attachments that you are not expecting.
  • Use only official apps: Download official apps from the app stores. Do not install from third-party websites.
  • Bookmark websites that are important: Bookmarking eliminates typos and prevents opening unwanted websites.
  • Keep your device up to date with the latest version of apps and operating system.

How to prevent Malware on your personal computer.

  • Be aware of phishing emails with attachments or links and avoid going to malicious websites.
  • Install and run anti-malware software and ensure you have the latest security updates.
  • Update software and operating systems with the latest vulnerability patches.
  • Remove legacy programs that are no longer supported or have the ability to download updates.

How to Detect and Remove Malware

  • The very nature of malware depends on being hidden and challenging to remove. Malware is often discovered because of its symptoms, such as a suddenly slower computer, slower internet connection, disappearing files, ad pop-ups without a browser open, or, in extreme cases, a complete takeover of the machine.
  • If the malware attack is executed via email, carefully reading file extensions is the best way to detect malware. The impact of phishing emails can also be lessened by installing malware reporting extensions to email clients. That way, if a user mistakenly downloads malware, they can notify IT immediately.
  • Removing malware can be very difficult, but the following steps will make the process easier:
    1. Take the infected machine offline, both from the internet and any networks it might be a part of. This precaution will ensure that the malware doesn't spread and safeguard additional information from getting reported back to the hackers.
    2. Perform a scan with your antivirus software. In most cases, your antivirus will not only detect the malware but also take care of safely removing the software. You might need to do this step while in Windows Safe Mode if your initial scan didn't detect anything.
    3. If the computer still feels infected, clear temporary files through the Disk Cleanup tool while in Windows Safe Mode.
    4. Reach out to the cybersecurity community for advice and best practices, as others may have experience removing specific malware. Contact your antivirus solution provider as they may have additional tools or services to help you recover from a malware infection.