Security Awareness Training

Lesson 10 | Malware

Download Lesson PDF

Malware is Not Your Friend

Malware, which is a term for malicious software, is similar to phishing in that victims are overwhelmingly (92%+) targeted via email. While phishing most commonly attempts to get victims to click a link and enter sensitive information, capturing login information on bogus websites, malware typically involves getting uses to open attachments.

The most common form of attachment is a Microsoft Office attachment or an Office Macro. Tools to create this kind of malware are incredibly cheap, costing between $5-$10, which is why this is such a common form of attack.

Clicking malware attachments installs software on your computer. When malware victims open the attachments, they don't realize they are installing software, meaning the software can continually run without the victim knowing it. Essentially, once the malware is installed, users have lost control of their computers, and they don't know it.

This is where antivirus software comes in. It is wise to install and use antivirus software on your computer but, depending on the malware and antivirus software, the damage may be done before it is detected. Many antivirus software will scan attachments and files before they are opened, which is a more proactive way to prevent infection. It is imperative that you keep your malware software up to date to ensure it recognizes new attacks.

What Malware Does

Malware, as a catch-all term for malicious software, can do several different things (or multiple of the below):

  • Initiate install of additional malicious.
  • Join the computer to a botnet, most often used to send spam.
  • Run in the background, capturing keyboard information like usernames and passwords, and sending that information off to malicious actors.
  • Lockdown parts of the computer or network to create a ransomware attack where companies are forced to pay to regain access to their data.

Avoiding malware is similar, but often easier, than avoiding phishing attacks. And many email services, including Gmail and Office, detect, scan, warn, and remove malicious attachments used for malware attacks.

The take-home message is to maintain a high bar of suspicion when it comes to email, verify the sender, and ask questions of senders on separate channels (not by replying to the suspicious email).

With malware, do not open attachments unless you are 100% sure of the message origin and you 100% need to open the attachment.