There are currently around 1.2 billion malicious programs and potentially unwanted applications in existence, with threat actors deploying an average of 200,454 unique malware scripts daily last year. By 2031, experts predict that ransomware will target an organization, consumer, or device every 2 seconds. Alarmingly, it’s estimated that 65% of cybercriminals have ties to organized crime, and in 2023, 62% of companies experienced a security breach related to remote work.
These statistics are a major concern for IT and security leaders, but they should be on everyone’s radar. Malware comes in many forms, such as viruses, trojans, ransomware, worms, adware, and spyware. Each has its own harmful purpose—whether it’s holding your data hostage, bombarding you with ads, or spying on your activities. All malware poses a threat, and the key to protecting yourself and the networks you work in is understanding how it spreads and how to stay vigilant.
Here are the most frequent methods used to infect devices, along with tips on how to stay safe online.
Phishing Emails
Email addresses are easily accessible and often used by cybercriminals to launch phishing attacks. These scams masquerade as legitimate messages from well-known companies and their goal is to steal sensitive information, such as passwords or account details, or to trick you into downloading malware by clicking on malicious links.
To avoid falling victim, there are some basic rules to follow:
- Verify the sender’s email address
- Be wary of urgent requests
- Inspect hyperlinks
- Never open attachments from unknown sources
- Consider whether the request is legitimate
- Check for odd spelling or grammar
- Report suspicious emails to your IT team
Fake Websites
Scammers can set up fake websites that appear almost identical to legitimate ones, tricking you into downloading malware. These fraudulent sites often rank high in search engine results or appear as ads, making it easy for unsuspecting users to click on them.
A good way to protect yourself is by bookmarking trusted websites or manually typing the URL into your browser. Additionally, properly configured firewalls can help prevent access to fake sites before any damage is done.
Fraudulent Apps
While app stores are generally safe, fraudulent apps can still slip through. Some may mimic popular apps to deceive users into downloading malware, while others pose as free versions of paid apps. Malicious apps can steal your data or damage your device after installation.
To avoid these, always check the app’s reviews, download numbers, and developer information. Be wary of poorly rated apps with spelling errors in their descriptions, and ensure the permissions requested by an app make sense for its function.
Remote Access Scams
Remote Desktop Protocol (RDP) allows for remote access to your computer, and scammers often exploit this to steal data. Typically, they’ll pose as tech support and convince you there’s a problem with your device that only they can fix, gaining access to your computer in the process.
Most legitimate companies will never ask for remote access, so if someone does, be skeptical. Keeping your operating system and software up to date can also help protect against these kinds of attacks.
USB Drives
An old but still effective trick is the use of infected USB drives. These might be left in public places or given away as freebies at events, tempting someone to plug them into their computer. Once connected, the malware can install itself, compromising your system.
To stay safe, avoid using unknown USB drives and always scan external devices before opening them.
Some other things to consider when trying to stay safe and avoid malware:
- Always install updates for your operating system and any programs you’ve downloaded. These updates often include important security patches.
- Use strong passwords or better yet strong pass-phrases and ensure no two accounts use the same one and wherever possible, use two-factor authentication for an added layer of security.
- Know the signs of infection including unusual pop-ups, slow performance, or unrecognized programs.
Whether on the road or working from your home or office, we each have a personal responsibility to keep our communications and systems free from malware and viruses. Brushing up on the latest best practices and informing your personal and professional networks of them can help us all stay productive and cybersafe. Please share this article with your networks.