News Next article
Beware of malware and ransomware
Guidance and advice on malware and ransomwareBy Trade Me 5 February 2021
How to handle ransomware and malware
Over the last couple of years, use of ‘malware’ by cyber-criminals has been making increasingly bigger waves.
Kaspersky Lab has reported they’d detected and neutralised 983,051,408 threats in the second quarter of 2013.
Of this, 577,159,385 were classified as web-based attacks which attempted to infect while users were accessing the internet.
Those are some scary numbers.
Malware attacks cause financial loss for many users, so it’s time to get malware savvy.
So what is malware?
Malware (short hand for ‘malicious software’) is most commonly designed to make money for digital criminals. This can be through stealing information, modifying or erasing information, and disrupting access.
It exploits security defects or uses social engineering to trick the user into downloading it. Sometimes it may come bundled with a legitimate download.
Here’s a recent example of a supposed video player update for Chrome and Firefox browsers that hijacked social media sites. It used a fake digital signature to appear legitimate.
Examples of malware
A virus or worm spawns new copies and often runs without your knowledge or permission.
Almost all viruses are attached to an executable file and are most commonly sent as attachments to emails or a link to a website.
Worms are similar, but they don’t need you to download them as they enter your computer through a security flaw or vulnerability.
A Trojan is a program that requires you to run it before it becomes active. These often sneak into your computer via an email, when you visit an infected website, or when you download it under the guise of another program.
They delete, block, modify and/or copy data, plus they cause performance issues for your computer.
They can perform many different actions on your computer including:
- recording what you type when you log into internet banking, gaming, email sites and so on, in order to steal your bank account information
- extorting money from you by blocking access on your computer until you pay a fee
- stealing email addresses from your address book to run scams on your friends and colleagues.
Malware on phones
Kaspersky have noted a dramatic increase in the evolution of mobile malware, including the first instance of Ransomware on Android phones.
Ransomware is a type of software that attempts to extort money from a victim, often by blocking access to a computer or phone until a ‘fine’ is paid.
See the image at the top of this post as an example.
But I’m careful, I’ll never get malware!
Often you’ll be tricked into downloading it via an email or while browsing online.
This could be from an email mimicking a legitimate company, such as Microsoft, Facebook, your bank, or even from a trusted friend (who has been infected).
These often ask you to download an executable file or visit a site which requires you to download files like these.
The biggest risk on mobile phones is when you’re downloading apps.
It’s easy to mimic a trusted product, a well-known company or reputable programmer in order to trick a user into choosing the fake app.
You know you’ve got malware when…
- You’re browsing your favourite website and pop-up advertising is getting in your face.
- You receive a pop-up notification that your PC is infected with directions to download a program to fix it up.
- You’re being invited to complete surveys or you win prizes that require you to give personal information, including your credit card details.
- You’re trying to get to your favourite website but you’re being brick-walled or redirected to another site that’s asking for money.
- Your browser seems to have a mind of its own after you installed an extension to help you ‘browse faster and better’.
- You notice new desktop items or program and you’re not sure what they do.
- Your friend replies to an email or online message that you didn’t send.
An ounce of prevention…
We suggest you:
- Make sure your browser is up-to-date.
- Make sure your operating system is up-to-date.
- Make sure you are using up-to-date anti-virus and anti-malware software.
- Practice safe browsing and be suspicious.
And, when downloading applications to your smart phone:
- research the publisher of the app (e.g. whether they made other successful apps)
- check out the reviews from other users
- read the permissions when you download or update an app (eg. it shouldn’t need to access your contacts list)
- consider using a (genuine) antivirus/antimalware program.
Help I’ve got malware!
All is not lost, there are some steps you can take:
Install or update your antivirus software
Antivirus software can detect and remove malware from your computer. While we don't make or support antivirus software ourselves, here are some tips:
If you don't have any antivirus software, you can either search Google for "antivirus" or try one of these products.
- Microsoft Security Essentials
Be wary of fake antivirus software that may actually be malicious.
Perform a system scan using your up-to-date antivirus or anti-spyware software
If any issues are found, use the software to fix the problem. When the problem is solved, your antivirus scans should not find any issues.
You may need to perform additional cleaning
If you’ve been seriously infected, most users will need to get professional advice. Those of you who are super users will likely already know what to do here.