How to detect and avoid malware

The internet has become a very large and important tool for businesses and computer users of all kinds, but not everything on the internet is good. There are viruses and malware out there that can cause substantial harm to you and your computer. It is important to be aware of the danger and know how to avoid it.

What is Malware?

Malware is defined as any software specifically designed to gain access or cause damage to a computer or network. There are several different types of malware, for example, viruses, worms, Trojans, adware and many more. Malware can infect any device with access to the internet: smartphones, computers, tablets, servers, etc.

How Does Malware Work?

Malware works by tricking unsuspecting users into clicking on or installing a program off the internet. Typically a link or a pop-up is the most common malware bait. Once the program is installed, the malware’s code begins to execute actions that can cause damage to your computer.

Some examples of the damage malware can cause includes:

• Annoying ads popping up on a desktop and/or web browser
• Installs applications without your knowledge that can slow your computer down considerably
• Corrupts system rendering device inoperable
• Blocks access to files on device
• Sends passwords and sensitive information to outside parties for use without your knowledge

The Spoofs Are More Full-Proof

Phishing schemes usually work the same way cold emailing works. For a lot of the recipients, the messages are slightly off-target. They reference the wrong bank, the recipient notices something is off, or the network catches a spoofed email address. However, all of the factors line up for a small percentage of people, and that’s enough for a successful scheme.

But whaling attacks are specifically targeted at you. You have a lot of valuable information, so the malicious actor will take their time personalizing an email just for you. Depending on how public your information is, they can guess what bank you use. They can figure out your nickname or guess which of your customers you’re personally emailing. It’s so customized you can only catch it if you’re prepared for it.

Some Days You’re the Whale, and Some Days You’re the Net

A whaling scheme might not be aimed at you. Instead, a malicious actor might pretend to be you to convince a director or employee to send them confidential files. If someone creates an email with your first and last name, they can tell someone from HR or Finance that you can’t log in to your work computer but you need a specific projection or revenue spreadsheet immediately. That even explains why the email is from an external address. If the email sounds urgent enough and has enough detail, the employee is going to do it.

How Can You Protect Yourself from Malware?

Malware is everywhere on the internet. Without virus protection on your computer, you are at risk. There are many malware protection programs available for purchase that are well worth the money.

To protect your computer, make sure you have the following installed on your device:

• Antivirus software

• An internet firewall

In addition, avoid downloading anything off of suspicious or unsafe websites. Don’t click on pop-up ads or open emails from unknown sources.

What’s Wrong with Current Anti-Malware Programs?

Most programs work on the basis of recognition and updates. The software starts with a directory of known threats and unique code elements. If the programs detect any of those specific snippets of information, the program gets to work isolating it. But that database of known threats doesn’t stay good for long. New malware threats and virus are created all the time. Each month in 2017 saw the creation of six hundred million new malware files, and that’s just getting faster.

Anti-malware programs do their best to solve the problem with frequent patches that add newly identified threats to the list. But there are two problems with this:

1. Not everyone updates on a schedule

Lots of people just ignore updates until an interruption restart forces the issue. Even weekly administrative updates might not be fast enough.

2. The list only includes identified threats. It takes time to know when a file includes malware, especially if the effects are delayed. One of the most common malware threats don’t go after a device’s files; they just harness the device for a different, large-scale attack.

So if your company is targeted during the lag-time between creation and identification, it will slip through the cracks. Anti-malware programs are one of the best defences your organisation can have, but it’s not enough on its own.

Cyber-security is a big-ticket item for every organisation. There’s always a new story about a massive data leak or a preventable cyber-security disaster, and it can feel like your company is just waiting to be the next big news report. Keeping your anti-malware programs up-to-date and your security practices strong helps prevent a lot of the potential damage. But it’s not fool-proof. Anti-malware might be even weaker than people think.

Contact us at 1st Call Detectives to learn more about cyber-security.