Main content
Course: Internet safety > Unit 1
Lesson 9: Going deeper with recognizing and avoiding online scamsComputer malware
Malware is malicious software that's unknowingly installed onto a computer. Once installed, malware often tries to steal personal data or make money off of the user. Fortunately, there are multiple ways that users can protect their computing devices and networks.
Types of malware
Malware can take many forms:
A trojan horse is a harmful program that masquerades as a legitimate program, and is often downloaded onto computers by unknowing users. Once the user runs the program, it can start inflicting its damage.
A virus is self-replicating: it contains code that copies itself into other files on the system. Viruses may hide in the code of a legitimate program.
A worm is also self-replicating, but it copies itself into entirely different computers within the network. It can travel along networked protocols such as email, file sharing, or instant messaging. Many worms don't take any harmful action besides replicate themselves, but even those worms can disrupt a network by hogging bandwidth.
The most dangerous malware uses all three techniques, such as the ILOVEYOU worm that infected over 10 million personal Windows computers in the year 2000. Here's how it worked:
- The trojan phase: First, a user opens an email with subject line ILOVEYOU in the email application Outlook. They excitedly discover a love letter for them and download the attachment. However, the "love letter" is actually an executable program.
- The virus phase: The program searches for files on the operating system with certain extensions (such as JPG) and overwrites them with a copy of itself.
- The worm phase: The program sends an email with the "love letter" to every contact in the Outlook address book. The cycle begins again!
The ILOVEYOU worm is estimated to have cost $5 to $15 billion in terms of removal, recovery, and lost productivity. It also led to new legislation in the Philippines (the home of the worm creators) that makes it illegal to unleash such destructive malware on the world.
The effects of malware
Once malware gets onto a computer, it can cause damage in multiple ways.
Spyware steals data and sends it back to the malware creators. A common form of spyware are keyloggers, programs that monitor everything a user types including, of course, their many passwords.
🔍 You can try out a simulated keylogger below. This one isn't sending any data to a server like a real keylogger would, but even so, it's better to not type in any real information.
Adware pops up advertisements to users. The ads either earn money for the malware creators or urge users to download other forms of malware.
Ransomware holds a computer hostage by encrypting user data or blocking access to applications, and it demands the user pay a ransom to the anonymous malware creators.
In 2017, the WannaCry computer worm spread through nearly 200,000 computers across 150 countries. The malware encrypted user data and only decrypted the data if the user paid $300 in Bitcoin to the creators.
Cryptomining malware utilizes a computer's resources to mine for cryptocurrency. That allows the creators to earn cryptocurrency without needing to spend money on powering their own computers.
Protection
Attackers are constantly finding new ways to compromise systems. Fortunately, at the same time, security engineers are coming up with protection mechanisms.
A security patch is an update to the code of an application or the entire operating system, and often fixes a bug that's been exploited by malware. Computers, including mobile phones and hardware devices, should always keep up to date with security patches to reduce the risk of malware.
A firewall is a system that monitors incoming and outgoing network traffic to a computer or internal network, and determines what traffic to allow. Firewalls can do automated detection of suspicious traffic and can also be configured manually. Firewalls cannot identify and block all malware, but they are a useful line of defense for what they can identify.
Antivirus software protects an individual computer by constantly scanning files and identifying malware. Once an antivirus program finds a piece of malware, it can guide the user through deleting or repairing the file to be safe again. Of course, new kinds of malware are invented all the time, so antivirus programs must constantly update their list of known malware.
🙋🏽🙋🏻♀️🙋🏿♂️Do you have any questions about this topic? We'd love to answer—just ask in the questions area below!
Want to join the conversation?
- Will you get infected if you click a random link(13 votes)
- You might if it contains an exploit that your browser is vulnerable to.(17 votes)
- How do I find out what protection I already have on my phone or computer? Where would I purchase malware protection software?(4 votes)
- You can usually find the security software information within the device settings under security.
If you wish to purchase additional/alternative software to protect your device, you can search for antivirus programs on the internet. Make sure to read reviews of the software and you should look at comparisons people have put together on various antivirus programs. You might want to consider factors such as cost, the impact on computer performance, malware detection rates, and what additional features the software might have (e.g. game performance boosting, password manager, web protection, firewalls).(14 votes)
- Why are people so mean?!?!?!?(7 votes)
- Being mean empowers the people who are making fun of others. Most of the time, they themselves have issues somewhere else like at home, at school, or someone is bullying them.(5 votes)
- What good can this do to the attacker besides getting money?(3 votes)
- Attackers can also get sensitive information and fame, or promote some sort of political agenda.(8 votes)
- How do I find out what protection I already have on my phone or computer?(2 votes)
- Phone: I am not very sure on Apple or other phone brands but on Android there is a Security section in Settings. And I would assume other phone brands would also have that setting.
So I recommend checking out your settings on your phone.
And making sure your phone is up to date in updates, if possible.
Computer: Again, every computer is different but I recommend going to Settings. There is a Privacy and Security section in Settings. (:(7 votes)
- Window firewall is enough or should we install and use another firewall software?(2 votes)
- The built-in security solutions that come with the Windows OS have been improving in the last few years, and they can certainly be relied upon when the system is unlikely to encounter significant cyber threats.
There are better antivirus solutions on the market, but many of these solutions will have an accompanying cost. If you want to look into other solutions, there are a myriad of software products out there: Norton AntiVirus, McAfee, Trend Micro, etc. It will be up to you to determine the level of security you need.
To further this, the best protection is prevention. Be wary of malicious actors when interacting with material online and stay away from websites that do not have a trustworthy host.(6 votes)
- Why are the questions below locked?(5 votes)
- I dont know ask the teacher(0 votes)
- What if, for example, I factory reset my device after it's been infected.
Would the malware still be in the device?(2 votes)- No, most of the time all of the viruses and malware would be deleted.
Safe Browsing!(3 votes)
- What is the difference between a worm and a virus?(1 vote)
- A virus requires human actions to spread while a worm can spread automatically.(5 votes)
- If the hackers asked for bitcoin, then couldn’t their Bitcoin accounts be traced and then they’d be arrested?(3 votes)
- Correct me if I'm wrong, but I'm pretty sure public crypto addresses are basically anonymous. You have the address, but there's no labeling as to who made or owns it unless you have a look at the list of transactions made to the address on a blockchain.(1 vote)