What is “Malware” and why should you protect yourself against it?

Malware is a term used to describe unwanted computer programs or ‘apps’ which are either harmful or malicious.  They range from being merely annoying to being seriously nasty.  Computer viruses are a form of Malware which are designed to spread by replicating across a network.

Origins:

In most cases Malware has either been written and distributed to make the author(s) money or to cause disruption and instability of the internet.  At the least harmful end of the scale, some programs will hijack normal behaviour and re-route the user to alternative websites, for example you may be searching Google, but the answers are coming from somewhere else.  Others will use the notifications system popup alerts to the user with fake claims of performance problems, required driver updates, virus attacks or subscriptions due – following any of these links can lead to more trouble.  At the other end of the scale your computer could become part of a large-scale illegal action against a business target.  This happens where a ‘sleeper’ program has been silently installed on your PC, and is activated on-demand, so as to crash the target website.  This works when thousands of sleeper programs are activated simultaneously and is delivered as a paid ‘service’ of organised crime.

What should you do to protect yourself?

Always use a premium anti-malware / anti-virus program!  The built-in protection within Windows 10 (Defender) is good but it is often not enough to keep you protected.  Do not expect free programs such as AVG free or Avast free to be any good – if they were, they would charge for them!   Good options include McAfee, Norton, Eset, Emisoft, Malwarebytes & Bullguard.  My current recommendation is Malwarebytes as I believe it to be the least intrusive and I have yet to come across a machine protected by it which has been compromised.  Once you have installed a premium anti-virus / anti-malware program keep it up-to-date and make sure that scheduled scans are running regularly.  If you receive a message from the program stating a website you are trying to visit is dangerous – be careful it probably is!

Have a robust backup strategy.  Even with good anti-malware program you may still get hit so it is imperative that you can recover from losing everything.

How can you be targeted?

The most common source of infection is email.  Cybercriminals send hundreds of thousands of fake emails every day to random email addresses and you could be one of those.  The emails can be very credible and may mention something you are likely to relate to – for example, your recent Amazon order or your TV licence subscription etc.  There will be a link in the email which when clicked on goes to a website that will then download the malware payload.

After email, the next most common source are internet download sites.  Typically, you are searching for a game or a music track or a video, you find a site that matches your search and you click on “download now”.  You may get what you wanted, but you often get a lot more…  this is where the additional unwanted programs start to infect and hijack your machine. Anti-malware should alert you and protect you from these as they have a library of known offenders and should check and intercept downloads before processing them.

Another route to misery is unsolicited phone calls that inform you there is something wrong with your computer or your phone/broadband line.  These can be surprisingly convincing as they often say they are from your broadband provider i.e. BT or Talktalk or Virgin.  The caller will instruct you to go to a website and click on a link as a ‘test’  This actually starts a download of a remote access program which give the caller full control of your computer.  You may not even know it has happened as the remote access can be hidden so they can search through your machine for personal data such as bank details and passwords.  The first you know about it is when your bank account has been emptied.

What should you do if you think you have compromised?

Get help.  Turn your computer and your router off. If you have been infected, often the only way to eliminate any possibility of the infection persisting is to completely wipe your machine and restore from backup. A professional computer expert will advise as to your best course of action.