Malware, also known as malicious software, is designed to intrude or damage a computer system without the owner's knowledge. The term Malware covers a myriad of computer software including viruses, worms, Trojan horses, spyware and other malicious software.
How does malicious software work?
Malicious software is a huge problem. Malware programs have become destructive and sophisticated, often using a multi-faceted technical approach to fulfill their objective. Bundled Malware that exploits an operating system with viruses and other Malware has grown exponentially of the past few years.
With the popularity of smart phones and other mobile devices, Malware has entered this realm. As mobile devices continue to grow, Malware will, too.
Trojan horses and spyware, as well as key-loggers, are becoming more and more common with criminals. These programs are able to obtain confidential information about the user of the infected computer, including account numbers and PINs, login identifications, e-mail content and even browsing habits. This data can easily be sold or used directly to commit fraud.
Malware can infiltrate a user’s computer and make it part of a botnet. A botnet is a collection of software robots (bots) that run routinely behind the scenes. Although botnet can refer to any group of bots, this word typically refers to a collection of infected systems called Zombie computers. Once infected, this malicious software runs under a common command-and-control infrastructure. Limit your exposure to Malware and you will limit your chances of becoming part of a botnet.
What are the signs?
Although the phishing attacks that lead to Malware are designed to be nearly impossible to distinguish from legitimate e-mails messages, there are some common signs you can look for:
- SMiShing attacks may indicate the message came from a random number – 3000 – instead of showing an actual phone number
- You are vehemently encouraged to comply and often provided negative consequences if you do not respond
- You see differences with other e-mails, phone messages or texts from the same business
- The message claims you ordered something that you didn’t
- You are asked to click on a link to update/verify account information, cancel an order or re-activate an account
- Messages lack personalization that would indicate the sender knows something about your account (e.g. name, the last four digits of your account number, etc.
- Messages have spelling errors and/or bad grammar not consistent with a professional business
Actions to take if you receive a suspect e-mail, phone message or text
- Number One – Don’t respond!
- If you aren’t sure of the validity of the message, call the company to verify they really did send it or ask why they need your information. Use a phone number you know is correct (e.g., from a recent statement); Do NOT call the one in the e-mail, phone message or text message
- Once you report it, delete the message from your inbox
How can I protect myself AND my business?
- Never open attachments from e-mail addresses at work or at home that you don’t recognize – this is a good way for computers to become infected with malware
- Install a firewall to prevent unwanted access
- Install and run anti-virus and anti-spyware software - keep them updated
- Avoid spyware before loading software onto your home computer:
- Search the Net for spyware reports; use the software's name and “spyware” as the search keyword
- Do not let anyone access your computer without your knowledge
- Keep your computer turned off or locked when you're not using it.
- Do not, ever, use the option "save ID and password"
- Install updates and patches for your computer's OS and all installed applications
Protecting Yourself - What you need?
This single most important thing to protect your personal, and financial, information is having the proper tools installed on your computer.
All of your computers should have:
- A personal firewall that is always on
- Turn on automatic updates for your operating system
- Antivirus software that is up-to-date and run weekly
- Anti-spyware software that is up-to-date and run weekly
- A current, updated browser
- Updated versions of all other software on your system
- Strong passwords that are changed, on average, every three months