Malware
What is malware?
Malware is any software that has a malicious purpose. Common uses of malware are to steal private information, steal or extort money, disrupt infrastructure, or to simply cause chaos. Examples of malware include viruses, Trojans, ransomware, and Spyware. When browsing the Web, it’s important to take adequate steps to protect yourself from malware.
What types of malware are there?
There are several ways to categorize malware, but one common method is to categorize by the malware’s purpose. Here are several common types:
- Spyware watches what you do on your device and reports back to the Spyware’s operator. It’s similar to Web tracking in spirit, but much more invasive: Spyware can see everything you do on your device, not just in your Web browser.
- Keyloggers are a specific type of Spyware that records everything you type. They’re generally used to steal passwords.
- Ransomware encrypts the contents of your device so it’s unusable, then offers to decrypt your device in exchange for a payment to the ransomware operator. However, there’s no guarantee that you’ll get your device restored even if you pay the ransom.
- Botnets are a large collection of devices, all infected with malware that can be controlled by a central operator. The malware can recruit your device into a botnet, which then engages in large-scale coordinated behavior, like having thousands of devices go to the same website at once to overwhelm it and bring it down. Botnet malware on your device doesn’t do anything right away; it tries to avoid detection while it waits for commands from the operator. When the malware eventually takes action, it can make your device slow or unusable.
Another way to categorize malware is by how it infects devices and spreads to other devices. If you’ve ever encountered the terms “virus,” “worm,” or “Trojan,” those all describe mechanisms of malware infection and spread.
How do you get malware?
Malware infects devices in one of two ways: by exploiting bugs in software like browsers and operating systems, or by tricking people into installing it as if it were legitimate software.
Certain types of software bugs can provide openings for malware to do things it shouldn’t be able to do. For example, a bug in PDF viewer software could allow a hacker to create a specially crafted PDF file that installs malware if you open the file. This is why it’s important to always keep your software updated: Once they’re found, software developers try to release fixes for these bugs as soon as possible.
Malware may trick people into installing it by being hidden within another app, or by mimicking an existing app. This is why it’s important to only install apps from your device’s official app store.
Either way, most malware requires you to take some action before it can infect your device, such as clicking a link or opening a file. (Some particularly powerful malware can get on your device if you just look at a specially crafted website or message, but this is uncommon.)
How can I avoid getting malware?
There are a few ways you can protect yourself against malware, including:
- Always keep the software you use updated so it has the latest security fixes. This is especially important for your operating system (OS) and browser, which will often let you know when they need updating.
- Enable Safe Browsing in your Web browser. All major browsers support this feature, which can warn you if you’re about to visit a site that is known to host malware.
- On mobile devices, only install apps from the official app store. On desktop or laptop devices, only install apps from the official app store, or from reputable companies.
- Minimize the number of extensions you install in your browser, and only install them from the browser’s official extension store. Try to stick to widely used extensions.
- Be careful when clicking links in messages and emails: Consider the source, and be wary of clicking links that come from people or businesses you don’t know. If a message appears to come from someone you know, but strikes you as unusual or out of character, it’s best to be careful: That person may have gotten a malware infection, and the malware may be trying to spread itself by sending messages to contacts.
- Make frequent backups of important data, or even use a cloud-based backup service. This won’t help you avoid getting malware, but it can help you recover from a malware attack, and it’s just generally a good practice as it can also protect you against computer crashes. Make sure to have at least one data backup on a drive that you only connect to your device when you’re backing up your device—this reduces the chances of malware getting onto the backup drive as well.