Malware is a term used for any type of malicious software that is developed to damage,
disable or exploit computer systems, mobile devices or network.
Cybercriminals use Malware attacks to either:
- Steal, encrypt or delete sensitive information
- Hijack or alter core system functions
- Monitor your activity without your permission
- Extort money out of you
- Introduce Spam or force advertising
All in all, the main purpose behind Malware is to extract data so cybercriminals can leverage
it over their victims for financial gain.
The type of data that Cybercriminals might be interested can range from financial data,
healthcare records to even personal information on emails and passwords.
So how does Malware get distributed?
Malware is typically distributed through various methods such as:
- Email attachments
- Fake internet adverts
- Infected applications
- Malicious websites
- Pop-up Ads
Pop-up Ads are an increasingly popular way to trick people into clicking on adverts that
appear to offer incentives or warnings such as: Flashing messages like “Your computer has
been infected! Click here to run a scan!” or maybe seeing adverts where you have
apparently won a dream holiday or Prize. The moment you click on the button, the malware
installs on your device.
So how do you prevent yourself from getting caught up in Malware attacks? Follow these
top tips and keep yourself safe.
TOP 10 Protection Tips
- Install anti-virus and anti-spyware software.
Anti-virus and anti-spyware programs scan computer files to identify and remove malware. Be sure to:
- Keep your security tools updated.
- Immediately remove detected malware.
- Audit your files for missing data, errors, and unauthorized additions.
- Use secure authentication methods.
The following best practices help keep accounts safe:
- Require strong passwords with at least eight characters, including an uppercase letter, a lowercase letter, a number and a symbol in each password.
- Enable multi-factor authentication, such as a PIN or security questions in addition to a password.
- Use biometric tools like fingerprints, voiceprints, facial recognition and iris scans.
- Never save passwords on a computer or network. Use a secure password manager if needed.
- Use administrator accounts only when necessary.
Malware often has the same privileges as the active user. Non-administrator accounts are usually blocked from accessing the most sensitive parts of a computer or network system. Therefore:
- Avoid using administrative privileges to browse the web or check email.
- Log in as an administrator only to perform administrative tasks, such as to make configuration changes.
- Install software using administrator credentials only after you have validated that the software is legitimate and secure.
- Keep software updated.
No software package is completely safe against malware. However, software vendors regularly provide patches and updates to close whatever new vulnerabilities show up. As a best practice, validate and install all new software patches:
- Regularly update your operating systems, software tools, browsers and plug-ins.
- Implement routine maintenance to ensure all software is current and check for signs of malware in log reports.
- Control access to systems.
There are multiple ways to regulate your networks to protect against data breaches:
- Install or implement a firewall.
- Never use unfamiliar remote drives or media that was used on a publicly accessible device.
- Close unused ports and disable unused protocols.
- Remove inactive user accounts.
- Carefully read all licensing agreements before installing software.
- Grant minimum access to users
Grant users in your organization the minimum access to system capabilities, services and data they need to complete their work.
- Limit application privileges.
A hacker only needs an open door to infiltrate your business. Limit the number of possible entryways by restricting application privileges on your devices. Allow only the application features and functions that are necessary to get work done.
- Implement email security and spam protection.
Email is an essential business communication tool, but it is also a common malware channel. To reduce the risk of infection:
- Scan all incoming email messages, including attachments, for malware.
- Set spam filters to reduce unwanted emails.
- Limit user access to only company-approved links, messages and email addresses.
- Monitor for suspicious activity.
Monitor all your accounts for suspicious activity. When monitoring, always look out for the following:
- Logging all incoming and outgoing traffic
- Investigating unusual actions promptly
- Educate yourself
At the end of the day, people are the best line of defence. By continuously educating yourself, you can reduce the risk of falling or phishing and other tactics that accidentally let malware into your network.