Keep Your Systems Safe from Malware
Software doesn’t have a moral code. It does what we program it to do. It can automate tasks, organize our data, and entertain us, and it can also cause nightmarish problems if that’s what the programmers created it to do. The name for software that hurts us instead of helping is malware, and it’s everywhere.
Cybercriminals use deceptive tactics to trick people into installing malware, which can then steal their data, corrupt their systems, hold their devices for ransom, and even worse. What types of malware are out there, and how can people avoid and get rid of it?
More than five and a half billion malware attacks were detected in 2020, with one particular category, ransomware, garnering lots of headlines due to the sheer scale and audacity of who it targets and how much financial damage it causes.
However, even small organizations and individual internet users need to be worried about malware.
Unlike ransomware, which loudly announces its presence so it can shake its victims down for payoff money, many forms of malware can operate silently in the background of a computer system for years, causing damage that can be very difficult to detect until it’s too late.
Merchants need to be worried about malware attacks coming from two directions. First, there’s the possibility that their own servers and devices might get infected by malware.
This can lead to massive data breaches that harm their customers and cause serious damage to the merchant’s reputation and customer relationships.
The other thing to worry about is the possibility that malware will affect their customers, leading to fraudulent charges and account takeovers that can lead to disputes and chargebacks. Protecting yourself (and others) from malware isn’t always easy, but every merchant needs to understand the basics of malware defense.
What Is Malware?
“Malware” is a portmanteau that means “malicious software.” It describes any app or computer program that was created to harm or exploit the person using it. Usually, malware is designed to benefit the individual that programmed or distributed it, but some can be purely destructive.
Some types of malware are designed to stay completely hidden, while others masquerade as normal software with some useful function while running undisclosed harmful processes in the background.
What Are the Main Categories of Malware?
Programs that self-replicate, traveling via networks or removable storage devices to forcibly install themselves on unwitting host computers. Once installed, a virus may begin to perform the functions of one of the other malware categories listed below.
An app or program is considered a Trojan horse when it advertises itself as being benign and useful, but in actuality, it serves some other, unwanted purpose. Like viruses, Trojan horses usually touch on at least one other category.
Sometimes called stalkerware, spyware is malware that reads private data, such as your login credentials, bank account or credit card numbers, personal identifying information, texts and emails, or browsing history, and reports it back to a third party.
This dreaded form of malware encrypts your files and operating systems, rendering them unusable unless you pay ransom money to the cybercriminals who infected you. Ransomware operators often target large organizations that cannot afford system downtime or data loss, such as schools, hospitals, and large enterprises. Many have been successful in obtaining huge payouts.
Programs that run autonomously are known as bots, and while bots can be useful or harmless, some are programmed to do unethical things like carrying out denial-of-service attacks or posting inflammatory propaganda on social media. Malware can hijack a device and turn it into a bot server that runs invisibly in the background, unknown to the device’s owner.
These are programs that monitor your browsing activity in order to serve you targeted advertisements. They may not be as intentionally harmful as the other types of malware, but they can be extremely disruptive and obnoxious.
How Do Devices Get Infected with Malware?
Phishing attacks are one of the most common delivery methods for malware. The cybercriminal sends a text or email with a link that they trick the recipient into clicking, which takes them to a website that uses browser exploits to automatically install malware. Another common tactic is to send a file attachment that’s actually an executable that installs malware as soon as you open it.
Malware, especially adware, can also come bundled with legitimate software programs. This is especially common on sites that offer pirated software for download.
Usually, malware needs a little help from the victim to get itself installed—you have to open up a malicious file or website to allow it to begin installing itself—but viruses can automatically infect you via local area networks, flash drives, and floppy disks.
How Can People Protect Themselves from Malware?
Malware developers are persistent, and they’re always coming up with new ways to trick people into installing their creations. The good news is that by consistently adhering to cybersecurity best practices, most delivery methods can be avoided. In short:
- Don’t click links or download files from sources you don’t trust
- Don’t open unusual email attachments
- Learn how to identify the telltale signs of phishing
- Never insert a flash drive or any other external device if you don’t know where it came from
It’s not always easy to tell when you’ve been infected, but sometimes you may notice that your device is running slowly, or that you’re seeing unfamiliar icons or messages. Anti-malware software can detect and remove infections, but it isn’t a guaranteed solution because cybercriminals are always hard at work finding new ways to evade detection.
Malware can cause all kinds of harm, but the most common problem they pose for merchants is that they give cybercriminals access to other people’s credit card numbers and login credentials, allowing them to make unauthorized purchases that will inevitably come back as chargebacks.
Merchants can and should do everything they can to protect their own systems from intrusion, but the only way to defend against the downstream effects of malware that targets your customers is to employ the best possible anti-fraud tools and strong customer authentication protocols. There’s no easy solution to the problem of malware, but nobody can afford to ignore it.