Article

What is malware? A guide to staying safe from malicious software

F-Secure
F-Secure
|
Feb 18, 2022
|
7 min read

Malware is a broad term encompassing all types of malicious software, including viruses, trojans, and spyware. It poses a significant cyber security threat to both individuals and organizations, often resulting in major data breaches and financial losses.

Unsure if your Windows PC has a virus?

Use our F‑Secure Online Virus Scanner

Definition and intent of malware

Malware, short for malicious soft­ware, refers to any type of soft­ware designed to cause harm or disruption to computer systems, net­works, or mobile devices. This harmful software can take many forms, including viruses, worms, trojans, ransom­ware, spyware, adware, and more, often installing malware through deceptive means.

The primary intent of malware is to compromise the security of a system, steal sensitive information, or disrupt normal operations for financial gain or other malicious purposes. Whether it’s corrupting files, stealing data, or hijacking system resources, malware poses a significant threat to the integrity and functionality of computer systems.

Why is malware a serious threat?

Malware refers to a variety of harmful software designed with one purpose: to damage or exploit an infected system. Cyber criminals use malware to launch attacks, and while it primarily spreads through the internet today, malware existed long before wide­spread internet use. In the past, it could spread through physical means, such as floppy disks.

The motives behind malware attacks range from stealing personal data to hijacking a user’s device, often leading to severe consequences such as data breaches and financial losses. And it’s not just desktop computers at risk — smart­phones are equally attractive targets. Users can unknowingly install malware by down­loading apps from untrusted sources or falling victim to scams. Links in emails, text messages, and social media posts can also lead to malicious web­sites, causing users to inadvertently down­load malware.

Who is targeted by malware?

Malware can target anyone, from individuals to large organizations. Cyber criminals typically focus on users who store sensitive data or have access to valuable systems. Common targets include:

  • Everyday device users — often targeted to steal personal information such as pass­words, credit card numbers, or banking details

  • Organizations — malware attacks can disrupt operations, steal intellectual property, or hold critical systems hostage through ransomware

  • Government agencies —malware targeting governments can be used for espionage, stealing classified information, or crippling infra­structure

  • Healthcare providers — a prime target for ransom­ware attacks due to the sensitive nature of patient data and the critical need for operational continuity

  • Financial institutions — often targeted by malware designed to steal funds, compromise accounts, or disrupt financial trans­actions

Major impacts of malware

Malware can lead to a range of harmful consequences, including:

  • Stealing credit card details or draining money from bank accounts

  • Obtaining personal information for identity theft or black­mail

  • Capturing pass­words and login credentials for account take­overs

  • Locking devices or files and demanding ransom (ransomware)

  • Destroying files or wiping out important data

  • Accessing and stealing sensitive personal photos

  • Collecting information about your work­place and its systems

  • Forcing your device to spread malware or spam to other users

  • Using your computer to mine crypto­currency

  • Spying on your browsing habits or tracking key­strokes (key­logging)

  • Enlisting your device in a botnet to carry out DDoS attacks

Different types of malicious software

As the technology to combat malware improves, cyber criminals and hackers continuously develop new forms of malicious soft­ware. Advanced malware protection is crucial for detecting and managing harmful files that can compromise computer systems. Malware can be classified into several categories, each with distinct characteristics and objectives — here are a few common types to watch out for.

Viruses

Computer viruses are among the most common and well-known types of malicious soft­ware. They inject malicious code into another computer program — usually through some pre-existing security vulnerability within the program. Once the infected program is executed, the virus activates, potentially corrupting files, erasing memory, preventing the device from starting up, and causing other serious damage.

Worms

Worms are particularly difficult to manage because they can self-replicate and spread across devices and net­works without any user inter­action. Unlike other types of malware, worms don't need to be triggered by the user — they spread automatically. Often, they go unnoticed until they have caused significant damage.

Trojan horses

Trojan horses, or trojans, disguise themselves as legitimate soft­ware to gain access to, and perform various unauthorized malicious actions in, a system. Once inside, they can corrupt files, steal sensitive data, or spy on your activities. Often, they act as a gateway for other types of malware, making them particularly dangerous.

Ransomware

Ransomware is used by cyber criminals to encrypt files on an infected device, making them inaccessible to the user. To regain access, victims are typically required to pay a ransom, often demanded in crypto­currencies like Bitcoin, which are harder to trace. How­ever, there’s no guarantee that paying the ransom will result in the recovery of your files. Doing so may only encourage further criminal activity and could fund organized crime or terrorism. It's advisable to contact local authorities instead of paying the ransom.

Spyware

Spyware is malicious software designed to stealthily collect data from your device and monitor your activities. Its primary aim is to operate quietly in the back­ground, often without the user’s awareness. For example, key­loggers can track your key­strokes to steal pass­words and login credentials. Additionally, spyware may record your screen to capture sensitive information, facilitating identity theft and account take­overs.

Adware

Adware is software that displays unwanted advertisements and can collect user data, often tracking browsing habits to serve targeted ads. While typically considered less harmful than other types of malware, it can still compromise privacy and negatively impact system performance by slowing down devices and consuming bandwidth.

Rootkits

Rootkits are a type of malware that conceal themselves and other malicious programs from the operating system and security software. By doing so, they enable persistent, unauthorized access to a system, allowing cyber criminals to control the device without detection. Rootkits can modify system files and processes, making them particularly challenging to identify and remove.

How malware spreads

Malware can spread through various means, each exploiting different vulnerabilities and user behaviors. Under­standing these common methods can help you take pro­active steps to protect your devices from infection.

  • Email attachments: cyber criminals often attach malware to emails. When a user opens the attachment, the malicious software executes and infects the computer.

  • Infected websites: some web­sites are designed to deliver malware through drive-by down­loads. Simply visiting an infected site can result in malware being down­loaded and executed on your device.

  • Infected software: malware can be embedded in seemingly legitimate soft­ware. When users down­load and install this soft­ware, they inadvertently install the malware as well.

  • Infected mobile apps: mobile malware is becoming increasingly common. Malicious apps, often found outside official app stores, can infect your device upon installation.

  • Phishing attacks: phishing involves tricking users into revealing sensitive information or down­loading malware through deceptive emails or messages.

  • Infected USB drives: malware can spread via infected USB drives. When these drives are inserted into a computer, the malware may automatically execute and infect the system.

  • Network vulnerabilities: unpatched software, open ports, and other network vulnerabilities can be exploited by malware to spread across devices and networks.

How to prevent malware attacks

Malicious software comes in different forms and it’s important to know how to defend yourself against a malware attack. While certain malware may require specific defenses, there are general steps you can take to strengthen your over­all cyber security. Here are eight ways to better protect your­self and your devices from malware:

1. Use anti­virus software

Antivirus software provides essential protection for both desktop computers and mobile devices by detecting, blocking, and removing a wide range of malware. Regularly updating your anti­virus ensures it can defend against the latest threats.

2. Keep your operating system and apps up to date

Always ensure you down­load the latest official updates for your device’s operating system and applications. Soft­ware updates not only introduce new features but also fix bugs and patch security vulnerabilities that cyber criminals can exploit to spread malware. Regularly updating your soft­ware is a key step in protecting your device from potential threats.

3. Be cautious about which programs you download

While mobile devices are usually considered safer as apps are down­loaded from official app stores, it’s still important to be selective about what you install. Even in trusted stores, malicious apps can occasionally slip through. Always check reviews, developer reputations, and permissions before down­loading an app to ensure it’s genuine and safe.

4. Don’t click suspicious links

Emails, text messages, social media posts, and web­sites can contain links to malicious sites that may expose your device to malware. Always inspect URLs care­fully and avoid clicking on them if they seem suspicious or come from unknown senders. You could be the target of a phishing attack, so it’s important to stay cautious and verify links before inter­acting with them.

5. Avoid inserting unknown devices into your computer

Malware can spread not only through internet down­loads but also from physical media like hard drives, CDs, USB sticks, and other external devices. To protect your system, avoid plugging in unknown or untrusted devices, and be cautious about allowing others to connect their smart­phones or external drives to your computer. These devices can carry hidden malware that could infect your system.

6. Review app and program permissions

Many mobile apps and computer programs request access to your camera, contacts, location, and stored files. Before granting these permissions, care­fully consider whether the app truly needs access to all the requested information. Limiting unnecessary access can help protect your privacy and reduce the risk of data exploitation.

7. Be cautious when using public Wi‑Fi

Public Wi‑Fi can be convenient for working or studying on the go, but it often lacks strong security. You can’t always trust the safety of these networks, making your data vulnerable to cyber attacks. If possible, avoid using public Wi‑Fi, or protect yourself by using a VPN to secure your connection.

8. Use a firewall

A firewall serves as a protective barrier between your device and the internet, filtering out suspicious and potentially harmful network traffic. While it helps to block hackers and certain types of malware, a fire­wall works best when paired with anti­virus soft­ware for comprehensive protection against online threats.

7 tips to detect a malware infection

If your computer or mobile device is acting unusually or experiencing strange changes, malware might be the cause. Here are seven key signs that can help you detect malware:

  • Suspicious and unexpected pop-up windows

  • The device is working slower than normal

  • It takes longer than usual to start up or shut down

  • Unexplained increase in data usage

  • Frequent crashes or freezing

  • Your battery depletes faster than usual

  • Your device over­heats for no apparent reason

While devices naturally slow down and experience battery degradation over time, these symptoms could be signs of a malware infection. If you notice any of these issues, it’s a good idea to run a virus scan using up-to-date security soft­ware to rule out malware.

Steps to remove malware

Dealing with malware on your computer or mobile device can be a daunting task, but by following the right steps, you can success­fully eliminate it.

  1. Disconnect from the internet: start by disconnecting your device from the internet to prevent the malware from spreading or communicating with its source.

  2. Enter safe mode: restart your device in safe mode to minimize the risk of malware loading, making it easier to remove.

  3. Perform a virus scan: use reliable anti­virus software to run a thorough scan of your system. This will help identify and eliminate any malicious files.

  4. Uninstall suspicious programs: check your installed applications and remove any that seem unfamiliar or suspicious.

  5. Update your software: ensure that your operating system and all applications are fully updated. This helps close any security gaps that malware could exploit.

  6. Utilize a malware removal tool: use a malware removal tool to detect and eliminate various types of malware.

  7. Reset browser settings: restore your web browser to its original settings to remove any unwanted changes made by malware.

  8. Change your passwords: after removing the malware, update the pass­words for your accounts to protect against unauthorized access.

  9. Back up your data: regularly back up important files to avoid loss in case some­thing goes wrong during the removal process.

  10. Consult professionals if needed: if you’re dealing with particularly complex malware, it’s a good idea to seek help from cyber security experts.

By following these steps, you can success­fully remove malware and enhance your device’s security against future threats.

total app on different devices

Protect your devices from malware with F‑Secure Total

Protecting your devices from malicious software is essential for maintaining online security. F‑Secure Total makes this easy, helping you to secure your devices in a brilliantly simple way.

  • Award-winning antivirus and malware protection

  • Online browsing, banking, and shopping protection

  • 24/7 online identity and data breach monitoring

  • Unlimited VPN service to safe­guard your privacy

  • Password manager with private data protection

Read more about Total