How To Spot Malware
Chuck's Cyber Wall
Learning How To Spot Malware is a skill that everyone can use. On the internet, malware can come at you in many different ways. We hear the term often, but most people don’t know what it is or why it’s such a big problem. I was reminded of it this past weekend when my wife and I hosted a couple of friends for dinner. One recently retired from the military and is going to school to get some IT certifications. While discussing cybersecurity, he made the point that so long as you have an up-to-date antivirus program, malware is not a concern.
My head almost exploded, and I started a rant that my lovely wife politely suppressed with minimal carnage. Of course, rather than putting an end to the topic, it grew into a conversation. Living with me, cybersecurity discussions are an ever-present and looming danger – because awareness is essential.
So let’s talk about malware and how to spot it.
WHAT IS MALWARE?
Let’s start by defining it. Malware is a common term to describe many different types of malicious software, including ransomware, viruses, and worms. And herein lies the problem, because malware is composed of many different things, no one antivirus program can protect you from all of it.
At its most basic level, malware is intentionally hostile. It invades, disables, and causes damage to computers, servers, mobile devices, and networks. So let’s take a look at the three common categories of malware and what they do.
- Ransomware – this category also includes adware, spyware, and phishing scams. The goal of the malicious code is to gather information about you, including the things you do online and your personal and business data. No matter who you are, every piece of data has value.
- Viruses – nasty code designed to spread from device to device to damage or disable systems. Spread with the help of people, viruses are almost always shared by those unaware of the infection, usually in the form of web links, file downloads, and thumb drives.
- Worms – similar to viruses, worms tend to target networks, spreading rapidly through connected devices. The worst part, it only takes one person to start the infection, and then it spreads all on its own.
Everything about malware is vicious, especially how prevalent it has become. This malicious code has been written for every popular technological device that uses software with one goal, to make money, including computers, tablets, and mobile phones. Whether it’s by stealing data, forcing payment, or utilizing resources, there are numerous ways a hacker can use malicious code to make money at our expense.
SIGNS OF INFECTION
At this point, it is common knowledge that computers progressively get slower as they age. A build-up of cache, installing apps and programs, and using up storage space is a natural part of that cause. Other things, such as poorly coded programs and failed updates, can cause strange problems that may or may not affect your ability to use the device.
So how do you know if the problem is technical or malware?
Usually, clues will tell you whether or not to worry, and they aren’t subtle. So let’s take a look at six of the more egregious.
1. RANSOMWARE DEMANDS
Yes, I started with possibly the most obvious sign of malware infection. There are several ways to carry out this type of attack. The most vicious is when a hacker encrypts your data, putting a message on your screen demanding payment in exchange for the encryption key. A more common type is a popup warning. These supposedly come from some law enforcement or government agency and state that someone used your computer to look at porn, illegally download media, or send spam. Once they scare you with that information, they demand you pay a fine or threaten to send you to jail.
Devices infected with ransomware are challenging to clean, and paying the ransom will rarely provide any resolution. As far as the hackers are concerned, if you’ve paid once, you will pay again. That makes you a persistent target.
If you do fall victim to Ransomware, report it immediately to CISA at https://www.us-cert.gov/report
2. SCARY WARNINGS
We see these brought into the office quite often. Known as Scareware, these infections commonly come from phishing emails, fake websites, and hacked websites. A fake antivirus program will then display made-up threats and frightening warnings to get you to pay for upgrade tools that will fix the problem. Since none of it is real and hackers control it after you pay, the message will go away. Later, another will pop up, telling you to upgrade the tool again to fix the new problem.
This process goes on and on for as long as you continue to pay. The best way to beat this is to get a good Antivirus program, keep it updated, and go to it directly when you see something pop up. Never click on the links.
3. POPUP ADS
Most websites these days have some type of popup. The more common popups ask you to register for newsletters, provide reviews, leave comments, or notify you that they use tracking cookies. These are all legitimate popups that will go away once you close them. However, some malicious websites run by hackers get an affiliate fee if you click one of the ads. For this reason, they will bombard you with ads. Some ads might be for legitimate companies, but many are fake and will infect your computer with malware.
If your computer suddenly starts running drastically slower, and you see lots of popups on every website, there’s a good chance malware has infected your computer.
4. REDIRECTED BROWSER
Each time you open Chrome, Firefox, Safari, or whatever browser you like, it opens a home page. Some people set specific home pages, and others simply leave the default. If that home page changes randomly, opens multiple tabs, or reverts after you make a change, there’s a good chance malware has infected your computer. Aside from potentially taking you to a fake page that will infect your computer with more malware, the most significant danger is impersonation websites.
If you enter your credentials into a fake banking website, for example, there’s a good chance you’ll find the account quickly emptied by cybercriminals.
5. DISABLED SYSTEM TOOLS
When you install software, open Task Manager to stop a malfunctioning program, or check update settings, you use System Tools. There are several different tools that you might use based on your experience level. If you suddenly find yourself unable to use these tools, there’s a good chance malware has infected your computer. It might seem like something out of science fiction, but some forms of malware will try to keep you from disabling them by taking away your access to the System Tools.
6. STRANGE SOCIAL MEDIA POSTS
More and more malware is written for social media. Many of them are fake posts that include inflammatory language or outrageous political claims. By clicking on them, your social media account will propagate these to your friends and family. Many of these also include more malicious types of malware that can infect computers. People love to share things on social media, which makes this very difficult to defend against.
If you start getting responses to posts you didn’t make, there’s a good chance malware has infected your computer.
MITIGATING THE DAMAGE
Many forms of malware rely on you to click on something. Even if you go to a fake or infected website, nothing might happen until you click on an infected link. And unfortunately, this is where antivirus often fails. Antivirus programs scan your system for installed threats, but they can’t always keep up with every click as you surf the internet. Some of these malware threats live in cookies or browser extensions and don’t actually install anything on your computer specifically to bypass the antivirus.
If you find yourself facing one of these threats, close everything down and run a scan with your antivirus. Very often, that will take care of the problem. If not, check your finances to make sure nothing is being actively stolen and get help to get the computer cleaned up.
If you have questions or want some assistance getting secure, CLARK can help. Contact us at 301-456-6931 or send an email to support@clarkcomputerservices.com for a free quote.
Director of Cybersecurity and Marketing
I’ve always had a love of working with technology, being fortunate enough to have grown up with a grandfather who taught me how to fix things for myself and not be afraid to jump in and get my hands dirty. Over the last three decades, I’ve worked as a technician, trainer, technical writer, and manager in small businesses, enterprise organizations, and government. In addition, I’m an author, having published multiple works available online and in print. You can find my creative work at https://WritingDistracted.com
