What is Malware?
We have all heard the word ‘Malware’ but what is it, and how can it affect you?
Malware is essentially Malicious Software (Malicious Software). Malware is a term to describe viruses, trojans and worms. The software is secretly designed to install itself on users systems. Nearly one-third of the world’s computers have been affected by malware, this is a figure which continues to grow rapidly as we rely more on computers, phones and technology.
How does malware spread?
Each piece of malware is different, although most malware will require some form of user interaction. Some forms are delivered via email, or simply ‘pop’ onto your screen when you visit an unsafe website. Some forms of malware can be delivered via text message, or even on social media sites. Malware, although less likely, can be spread to mobile phones. It's essential to be aware of all vulnerabilities so that you can prepare effectively.
Phishing emails are one of the most effective approaches to sending malware to the majority. The most common Phishing attack consists of emails being sent to individuals pretending to be from a known brand or company. Whether this be a fake email from PayPal, Office 365, Apple, etc, they typically send you to a fake login page requesting your username and password. There are other, more advanced Phishing attacks which sends malware to the victims machine - often as an attachment. These attacks rely on the victim opening the malicious attachment which essentially triggers the malware hidden inside the attachment itself.
Hackers are able to create near perfect fraudulent emails from legitimate companies to trick victims into thinking they are ‘real’. By clicking the link, you are allowing the malware onto your computer without even realizing.
Ransomware is a type of malware that threatens deny access to the user’s data, or block accounts until a ransom is paid. Infected computers may show messages claiming to be from the police, claiming you have committed illegal activity and must pay a fine
Malware can also be spread using website scripts. These essentially exploit vulnerabilities in order to upload malware to websites. Hackers place a javascript code in place to extract customers data, most frequently card numbers. In some cases, hackers can sit extracting data for months, and sometimes even years without the company being aware.
A good example of this is Magecart. A malware that has been reported to have already affected 17,000 websites and counting…
In fact, if you have a Magento website you should check out this page.
How to protect yourself & business from malware
Implementing good company policies and the right anti-malware solutions to monitor your network, email and web requests are the best way to protect yourself from a cyber attack.
- Update your software.
Easier said than done, we all see software updates pop up, how many of them do we simply dismiss as we are too busy with daily life. Updating your software could be the difference between safe, and unsafe. One of the most famous breaches is the WannaCry attack on the NHS. This happened due to the software not being regularly updated.
- Educate your staff!
All employees should be aware of security measures, and staying safe online. Run monthly workshops to help them gain awareness around the topic. Putting together a simple rule books of the Do's and Don'ts can help employees know what is safe, and what's not.
- Backup your data
Make sure all data is backed up on an external hard-drive, as well as saving on cloud storage.
- Be wary of suspicious attachments
Avoid opening any email attachments from unknown senders to avoid anything accesses your systems. If you are unsure of the sender, chances are its a scam, so best sent to the junk folder!
For website admins or owners, here are tips to protect your website from malware.
- Update your software
- Create a custom admin path
- Passwords / MFA
- Manage your users
- Monitor website accurately
We expand on this points on our webinar which you can watch below.
In case you need more help. We have cyber solutions to detect malware, and provide monitoring of your network 24x7x365.Our technology allows you to monitor your cyber security health in near real time, blocking any attacks, allowing you to focus on growing your business, safely and securely.
For more information contact us on hello@foregenix.com, or click the link below!