The ongoing COVID-19 crisis has spurred an uptick in malware around the world. From phishing emails masquerading as official communications from the World Health Organisation (WHO) to fraudulent COVID-19 tracing apps, users and businesses alike are faced with an unprecedented number of digital threats.
Cybercriminals have always sought to cash in during moments of crisis, profiteering from panic is a highly profitable way to make a quick buck. Individuals are more likely to fall for malware scams at the current time as uncertainty and upheaval arguably make us prime targets. Businesses meanwhile are coping with a sudden shift to work from home models, leaving their data and systems vulnerable to attack.
Here we cover some of the types of malware to be aware of and how to protect yourself, your devices, and your data during the COVID era.
But first, what is malware exactly?
Malware Is Malicious Software
Malware is a portmanteau term that derives from a combination of the words malicious and software. Any kind of software that is explicitly designed to cause harm to a user’s device, steal data, or wreak other types of digital havoc is malware.
Around the world, there are circa 350,000 new malware programs discovered every single day, according to the AV-Test institute. And these are only the scripts discovered, it’s likely that there are even more that we don’t know about.
An umbrella term, malware can further be broken down into types, which are loosely organized based on how they are spread.
The types of malware
- Viruses can replicate themselves on an infected device. The virus finds another computer, for example, with the same vulnerability that allowed it entry on the same network. Viruses cause damage to users’ devices.
- Worms can also replicate themselves this way. But unlike viruses, worms are primarily designed to inflict damage to the network itself.
- Trojans, on the other hand, do not replicate. Instead, users are tricked into installing the program. Oftentimes, this is done through a phishing attack, but a Trojan can also be hidden inside a piece of legitimate software.
Besides classifying malware based on how it spreads, we group it according to its intended function.
Ransomware, for example, is designed to lock users out of their devices or data in return for money. If the user pays the bounty, the attackers will provide a key to unlock the stolen data. Ransomware programs are also known as cryptolockers.
Spyware does as the name suggests, spies on your online or in-device activity to garner information. Common spyware programs include keyloggers that record the buttons you push and screen-scrapers which covertly take screenshots of your activity.
Adware bombards users with advertisements, oftentimes, these get in the way of normal device use and in extreme cases, can render the device unusable until it has been properly disinfected.
Scareware is the fourth type of malware we’ll examine. It’s a little bit different as it doesn’t cause explicit harm to data or devices, rather it attempts to “scare” users into downloading a program or upgrading to a premium version.
Often, these attempts to lure a user are related to cybersecurity. Free antivirus programs, for example, are notorious for their “warning” messages.
How To Protect Yourself From Malware?
A well-rounded strategy for protecting yourself or your company from malware encompasses good digital hygiene and anti-malware tools. Here are the steps you should take:
Educate yourself on the current risks.
As we mentioned earlier, cybercriminals are taking advantage of the pandemic. Before you open a link in an email or download a new tracing app, double-check the veracity of the publisher.
Cybercriminals are clever when it comes to disguising phishing (social engineering) attempts. But there are often tell-tale signs that something isn’t quite right. Look out for:
- Logos and branding that look a little off somehow
- Grammatical errors
- Email addresses that don’t seem like they would come from the purported company or organization
Keep all operating systems (OSs) and applications up to date
Because some types of malware exploit vulnerabilities in programs, it’s essential that you keep your OS and apps updated. Developers release patches to fix known flaws, so ignoring updates is essentially asking for trouble.
Use antimalware software
Companies should consider investing in email scanners to try and weed out phishing attempts before they reach staff. In addition, both businesses and individuals should use a high-quality paid antimalware program. Firewalls are also useful and companies should look at enterprise-level versions.
Other useful tools include VPNs. The definition of a VPN is a Virtual Private Network that encrypts internet activity and shields them from prying eyes. For businesses with staff working remotely, VPNs are absolutely essential.
Malware is definitely a problem, particularly during the current coronavirus crisis, but following the steps outlined above can help keep both your data and devices secure.