Guide to Malware 101: Everything you need to know about malicious software

What is malware?

Malware is malicious software that can get into your computer and perform actions without your permission, giving hackers full access to your data, devices, and systems. You could compare it to a common cold. You probably can’t remember the exact time you got infected and it may even stay dormant for a while. However, once it’s active, you will begin to notice the damage it is actually doing. Just like a cold, malware changes over time. It continues to get smarter and faster, finding new ways to access your device or network. Malware was initially designed as a form of cybervandalism, breaking computers or changing your background and accessing your personal information. It has since been adopted by cybercriminals and is used to hold valuable business and personal data for ransom, hack passwords to access bank accounts, or track information to steal identities.

How does malware affect my business?

Malware is a growing threat to small and medium businesses. It can affect almost any device – from your computer, phone, or tablet to larger systems, such as servers and databases. It is not limited to devices that are online either, malware can get into debit card readers, POS systems, ATMs, and other types of devices via a USB, infected cards, or even loaded on at the factory. Malware causes damage to your device or software, which might mean your device will not operate the way it used to or might even shut down completely. Other types of malware, known as ransomware, lock or delete files, unless a ransom is paid. Malware can also lead to your personal or business information falling into the wrong hands. For businesses of any size, this could result in operational downtime, fines, loss of customers, or reputational damage.

Types of Malware

Malware comes in all shapes and sizes – and each one has different prevention methods and infection treatments. We will explore the most common types of malware and how to recognize them.


Ransomware locks your files and demands you pay a ransom to unlock and access them again. This type of malware is rapidly becoming more advanced. It can immediately start deleting files as soon as you are infected, pressuring you to pay up. One of the most common ways that ransomware can access your computer is through phishing. Phishing uses email as a weapon, disguising itself as a legitimate email and tricking the user into opening the email or attachment.


Trojans behave like a Trojan horse in Greek mythology. The soldiers hid inside of the horse to penetrate the city wall of Troy and waited until nightfall to attack. A Trojan works in a similar way. It disguises itself as a trusted software program or application to get into your system and attack later. Trojans offer disguise themselves as a computer game download from a hijacked website.


Worms are a type of malware that uses a computer network to replicate itself and spread. They are self-replicating and unlike viruses, do not need human action to quickly spread through your computer, or even an entire network. Worms often gain entry to a computer through a security vulnerability or weakness.


Keylogger malware is a dangerous threat to a PC user’s privacy. It will track your keystrokes and save them in a hidden file on your computer. After a certain amount of time, the file is sent to the hacker automatically, who will use the keystroke data to get your passwords or personal and business information. Keyloggers often enter computer systems as trojans, disguised as a free or useful app or download, and can install itself when users are clicking and browsing the Internet or downloading software.


A bot is a type of malware that operates as an automated computer program and can be controlled by one, or many, outside sources. Bots are used to gather information through chats or similar web-based programs. A botnet is one or more bots that can be used for attacking websites where a hacker controls multiple bot-infected computers. A hacker can use the botnet to stage distributed denial-of-service attacks, steal data, send spam, or access a device and its Internet connection. To stage a bot or botnet attack, the attacker often gains access to a computer using a virus or other malicious malware.


A rootkit is malicious malware designed to remotely access or control a computer without being detected by users or security software programs. Using rootkits, cybercriminals can execute files, steal information, modify configurations, alter software, or even install more malware. Rootkits can be included in software applications and can enter a computer through phishing attacks or through a security vulnerability. A rootkit is very difficult to remove, so prevention is key.


Spyware is a type of malware that spies on user activity, from collecting keystrokes to browser history to data harvesting. However, spyware often has additional capabilities as well, ranging from modifying your security settings to interfering with network connections. Spyware enters computers as a virus, or trojan, or bundling itself with trusted programs.


Similar to how viruses spread in people, a computer virus is software that attaches itself to a program or application in order to be activated and can be passed from computer to computer or across an entire network. Once attached, each time that application or program is opened or runs, the virus runs as well and can infect other programs or documents.

Ways Malware Can Attack

Most types of malware require some type of action by the user to get infected. Malware can be very clever and uses a range of tricks to gain access.


Email is a popular method for spreading malware. For example, through phishing, email can be used as a social engineering attack that contains malicious software or a link that enables malware if the target opens the email attachment. Users can be fooled by email subject lines like “You Have Won …,” “Past Due Invoice,” and “Your Refund has been approved.” The email message just has to be interesting enough to entice you to click. The best thing to do when you receive any suspicious emails is delete them.


Malware can also spread through websites. Malware can hide as pop-up advertisements on web pages or behind links to free gambling, sales, or warnings that appear on your computer screen claiming that you have a virus. If something appears too good to be true or seems untrustworthy, don’t click.


Programs or operating systems you are using may have weaknesses or vulnerabilities that can allow cybercriminals to make changes to these. These security vulnerabilities are very dangerous because hackers can gain direct access to your computer to launch any type of malware they prefer. In some cases, the hacker can even disable your antivirus software. That’s why it is important to keep your systems patched. A computer software patch is a set of changes applied to a program or operating system to update, repair or improve it. Patches are used to address bugs or flaws, improve the stability of operating systems or applications, or fix a security vulnerability. Patching is part of the critical preventative maintenance that is required to ensure computer software and applications stay updated and secure.

Prevention is the Best Defense

Prevention is the best defense against malware. There are key ways to protect yourself and your business from a malware infection, social engineering or other damaging cyberattack.

  • Safeguard your data: Whether data is stored in the cloud, on premise, or on devices, it is important to have the appropriate protection in place so you can secure it and recover it in case of a disaster or cyberattack. Data protection should include content filtering, email encryption, data loss prevention, and backup and disaster recovery.
  • Secure your devices: As the number of devices we use continues to grow, this results in more gateways for cyberattacks. Security services must be in place to protect devices. Device protection should include antivirus, patch management, regular vulnerability scans, secure web gateways, and web server hardening.
  • Protect your employees: Employees should understand the role they play in the company’s protection. This can be challenging for IT to control but creating a culture of cybersecurity is critical. Best practices should include secure authentication, secure remote working, defining enforceable processes and policies, and providing security awareness and training.

Here’s How We Can Protect You

Business never slows down, neither do we

Stop threats and keep your business moving. Our services and security products will keep you protected from the latest malware threats.

Save time to focus on your business

Our services and products minimize security distractions so you and your employees can focus on driving your business forward.

Keep employees safe online

Free your workforce to surf, search and download with confidence. Our business-grade security software checks every web page and alerts you if it detects anything suspicious.

Keep customer information safe from hackers

Maintain your integrity as a reliable business partner by ensuring all your customer data is kept private and all online transactions are conducted safely.

Secure and manage your computers from a single console

Our security software can be remotely managed on your business network. We can easily deploy and manage your security services from any location.

Dedicated technical support

Breathe easy knowing that we are always a phone call away.

Smart, actionable alerts

Our security software continually detects and alerts potential issues or problems that can be proactively addressed from our single console.