What is Malware & Why Is It So Dangerous?

  • By David Lukic
  • Published: Apr 12, 2021
  • Last Updated: Nov 23, 2023

Unfortunately, these days everyone needs to be aware of what malware is and what you need to do to stay safe. Not only does malware threaten your privacy and security and the health of your devices and networks it can also compromise your identity. So, continue reading this article to learn about what malware is and all the different types of it.

What is Malware?

Malware is short for “malicious software, and it is delivered in a variety of ways. Malware is probably the number one cybersecurity concern for most businesses and Americans right now. You can often infect your computer, network, or device by clicking a link in a phishing (fake) email.

Cybercriminals develop various types of malware to do different things. Usually, they try to install it on your device without your knowledge, and then the payload is delivered. Some examples of malware are viruses, spyware, Trojans, and ransomware

Malware affects all operating systems, including Windows, macOS, Android, and iOS. However, Windows and Android are more susceptible to malware than the Apple ecosystem. It also attacks the broader “internet-of-things,” which refers to all devices with access to the internet outside of phones and computers.

In 2018 ransomware increased by 33% from the previous year. It is becoming a major concern for companies and cybersecurity threat researchers.

What is Malware

Are Personal Computers (PC) Safe from Malware?

Let’s start by saying that no system is safe from threats. Windows experiences a much larger number of malware attacks each year than Apple devices. This trend is likely due to Window's historical and global popularity. More hackers are trying to "break" the operating system, which leads to a higher volume of threats.

Window's native malware defense is solid, but users must frequently update or customize the program to maximize safety. However, this problem is largely solved by installing a third-party security program, as many low-upkeep and free options exist.

PC users should beware of more traditional forms of malware like trojan downloads and social engineering tactics.

Are Macs Safe from Malware?

In the past, one of Apple's most significant selling points for its flagship laptops was safety. Many "Mac vs. PC" arguments boiled down to how unlikely it was to get a virus on a Mac.

However, in 2020, the number of threats targeting Macs grew at twice the rate of those targeting Windows. This trend begs the question: Were Macs only safer because fewer hackers targeted them?

Both systems are weak to different tactics. In macOS, it's more vulnerable to adware and malicious application downloads, which may stem from unfounded user confidence in out-of-the-box security systems.

Are Android Devices Safe from Malware?

Our phones are just smaller computers that can be jammed in our front pockets. They aren't immune to malware. Like all smartphones, Android has email and SMS capabilities which let hackers target them with malicious links and downloads. They can also install malware through unsafe browsing in the same way as computers and laptops.

Are iPhones and iPads Safe from Malware?

Everything we said about Android devices is true for Apple devices like iPhones and iPads. Users can always make a mistake and open a dangerous email or text message. However, the main difference that puts Apple in the lead is how frequently iOS updates.

Besides Apple's big yearly upgrade, iOS gets more minor changes every few months. This means weaknesses stick around for less time than on Android.

In the end, both operating systems are well protected as long as you practice safe habits. This includes:

  • Only download apps from the Play Store or Apple Store. Even though these stores can't catch every malicious update, they do a decent job of vetting their catalogs.
  • Stay on top of updates. It's easy to ignore the update prompt for long stretches of time. Especially if you're using your phone when it pops up. Remember that nearly every update includes an improvement or bug fix to a known security problem.
  • Install a VPN. These programs encrypt your online activity and dramatically lower the risk of getting hacked. They also make public Wi-Fi safe if you're a heavy traveler.

What are Signs My Device is Infected with Malware?

Malware is hard to catch. In case your anti-virus has failed, here are a few signs that your system may be infected.

Slowed Performance

Many types of malware require significant resources to run. Some eat up your bandwidth while trying to send information back to the hacker. This slows down the overall performance of your device. So, if you notice sudden lagging or increased loading times, you'll want to search your phone immediately for unknown or hidden apps.

Overheating

Along with running slower, malware can cause your device to overheat. This is much more likely in mobile devices since computers can handle a much larger task payload.

While you may have ten applications and 20 tabs running simultaneously, you should pay particular attention if your phone is hot while on standby. 

Sudden Shutdowns and Restarts

Severe problems in your operating system may cause your device to shut down. This happens due to overheating, malfunctioning apps, or malware. Someone may have remotely accessed your device and is trying to use it at the same time as you. 

Decreased Battery Life

It's become a running joke that Apple purposefully tanks battery life after a few years to sell newer models. When people's phones start to die faster, they chalk it up to wear, tear, and age.

However, it could be a sign of malware running in the background. It forces your device to run a program at all times, which leads to increased energy use.

How to Protect Yourself Against Malware

Install Another Anti-Malware Service

Both Windows and iOS come with native security programs. While this seems like a good thing, it also means that hackers anticipate these native programs on every device. So, hackers ensure their attacks are undetectable to them.

Downloading a different anti-malware service gives you better odds of catching dangerous programs. It's much easier to prevent malware than to remove it and undo the damage.

Backup Your System

If malware does get onto your device, it can corrupt your files. Family photos, work documents, or personal projects can get lost. It's a good practice to back up your system at least a few times a year. Backups can also protect your files from electrical surges, water damage, or other accidents.

You can create a backup by transferring everything to an external hard drive, backing up to OneDrive (Windows), or using the Time Machine mechanism on macOS.

NEVER Click On Unknown Links

Most malware isn't cleverly snuck onto your phone. It gets there because the user clicks on a suspicious link or visits an unknown site.

While some attacks are highly compelling, most can be caught by paying a little more attention. Carefully read URLs to ensure you're going to the expected site. Many scammers change one character in a well-known URL and hope their targets won't notice.

One seriously abused address shorthand is “bit.ly.” This is a URL shortener that hides the actual address under a randomly generated code. Some businesses use it for promotions in texts to avoid overly lengthy messages. However, they can also hide a direct link to a dangerous site that you would never click on if you could see its full name.

Besides URLs, avoid clicking on banner advertisements and pop-up windows unless you completely trust the site you're on.

malware attacks

Types of Malware Attacks

It is important to not only learn the different types of malware, but also the strategies that hackers use to get them on your devices. Some of the most common types of malware attacks are:

Malvertising

Malvertising (malicious advertising) is pretty much what it sounds like. Hackers embed malicious code in ads is called malvertising. Sometimes these criminals purchase legitimate ad space on Google Ads or social media sites to appear real. When an unsuspecting victim clicks on the ad to learn more about the product or service, their device may be infected with malicious software. Hence, you become a victim of malvertising. In some cases, the user doesn't even need to click on anything, they just need to be on the same page as the malware. 

Malvertising should not be confused with adware which is less harmful and simply displays ads in your browser or on your PC. 

Exploit Kit

Threat actors use exploit kits to search for vulnerabilities in your hardware or software. Basically, this type of malware attack takes an inventory of the device's hardware and software resources and reports back to the central command. If the malware finds a known exploit, it may install other malicious code to perform other nefarious tasks. 

Man in the Middle Attack (MitM) 

A man-in-the-middle attack occurs when a hacker exploits an unsecured Wi-Fi hotspot looking for victims who are connected to the network. If you visit your local coffee shop where they offer "free" Wi-Fi, then you use your cell phone to log onto your bank, pay a credit card bill, or update your Netflix queue, someone could steal your credentials and take over all those accounts through a man-in-the-middle attack. 

Cybercriminals perform man-in-the-middle attacks using special hardware or software that puts them in between you and the website you are visiting. That is why it is called a man-in-the-middle attack. By intercepting all your activity, they can strip out pieces of personal, sensitive, but valuable information and use it for identity theft or fraud. 

Man-in-the-Browser Attack (MitB)

Another type of malware that bad guys often use is man-in-the-browser attacks. If someone is able to install malware on your computer and then into your internet browser, it can record everything you do while using the browser. Sometimes these issues occur when you use an infected browser add-on. 

Recently there were reports of a very popular add-on for Google Chrome called the "Great Suspender," which was riddled with malware attacks and had infected thousands of users' machines. Google removed it and wrote code to update and deactivate it from everyone's browser. Thus, if you do use Google add-ons, be aware of man-in-the-browser attacks

Drive By Downloads

Malicious websites or even legitimate websites infected with malware may also infect your device if you land on the URL either through a phishing email or other social engineering tactic.

The scary part about drive-by-downloads is that the user doesn't need to do anything; just visit an infected website. Some very reputable websites have been compromised by this type of infection, thereby spreading it to everyone who visits. 

Social Engineering Attacks

Social engineering is becoming a very popular method of delivering malware attacks to unsuspecting victims. Social engineering attacks use emotion to get you to trust someone into giving them information or clicking a link. Sometimes these messages come through in email or text, and the perpetrator pretends to be your bank, your boss, or someone of authority who you might trust to get you to click. Once you do, your device is infected, and then the criminal can take over.

Sometimes social engineering attacks are ongoing and take a while as they earn your trust before asking for the big score, which is usually personal information or your login credentials. Most of the data breaches during 2020 worked due to social engineering attacks and an employee clicking a malicious link in an email.

Often these threat actors use scare tactics, so you will panic and do something without thinking. For example, they may send you a convincing-looking email alerting you that your bank account has been hacked. The email will contain a link with the word "fix now," and without thinking, you click it. You may be taken to a website that "looks" like your bank, but it is fake. If you enter your login, the crooks now have access to your bank account and can drain your funds before you know what has happened.

Sometimes, to make the ruse complete, they redirect you to the legitimate website, so you won't suspect a thing, and they get what they want. Hence, you should always be wary of social engineering attacks; you do not know when or how they could happen.

These days, it is super important to be aware of all these types of malware and to learn ways to protect yourself.

 

 

About the Author
IDStrong Logo

Related Articles

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach: 2013, 2015, 2021 and 2023 Hacks

T-Mobile has experienced a number of data breaches in the past decade. The first case occurred som ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that much a ... Read More

The NSA Hack, How Did it Happen?

The National Security Agency (NSA) was the main attraction in a major data breach involving three ... Read More

Latest Articles

What You Need to Know about the Delta Dental Data Breach

What You Need to Know about the Delta Dental Data Breach

Delta Dental is a dental insurance provider serving over 90 million Americans. It offers coverage in all 50 states, Puerto Rico, and Washington, D.C. The company was established in 1966 in California as part of the Delta Dental Plans Association.

What You Need to Know about the Hot Topic Data Breach

What You Need to Know about the Hot Topic Data Breach

Hot Topic plays in the fashion, apparel, and shoe industry as a retailer of music-influenced apparel and accessories, such as jeans, tops, belts, dresses, pajamas, sunglasses, jewelry, and tees.

Google Voice Scams: What They Are and How to Stay Safe

Google Voice Scams: What They Are and How to Stay Safe

Google Voice scams continue to pose a risk for users of this service. Scammers continuously attempt to lure users into divulging their verification PIN code.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Notice

By proceeding with this scan, you agree to let IDStrong run a Free Scan of supplied parameters of your personal information and provide free preliminary findings in compliance with our Terms of Use and Privacy Notice. You consent to us using your provided information to complete the Free Scan and compare it against our records and breach databases or sources to provide your Free preliminary findings report.

Rest assured: IDStrong will not share your information with third parties or store your information beyond what is required to perform your scan and share your results.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address
Close