Malware Inc. - The Big Business of Stealing Your Data - Part 1

Welcome to a 5 Part series on Malware, how it works, and how to protect yourselves. Knowledge is power, and in today's climate of cybersecurity, we all need empowered. 

Part 1 - Understanding How Malware Works:

Malware authors use several common tricks to install their malicious software on your PC. Understanding the most common ways they do this can help you stay protected. 

First things first, we can all agree that money is what makes the world go round. Every thing costs money so you have to ask yourself is this: If someone is giving away something for free, how they are getting paid?

Most malware is designed to collect information of some sort. Sometimes it is benign browsing habits for marketing purposes and sometimes it is down right stealing of password, credit cards and account information. How do you know what they are after? The truth is, you have no way of knowing, making it even more important to browse carefully. This applies to the millions of free downloads that are available on the internet today. They might cost you more than you think...

Free Programs - Most free programs you download these days from the internet come bundled with fake, fraudulent or malicious software included. Only download from a reputable website or from the publisher of the software directly. For example, never get a Flash download from anywhere other  If you need a flash update, you go the and look for the download page. What is common is that people will see a popup saying flash needs updated, (Note: ALWAYS ADVERTISEMENTS), then click it and end up infected. The principle is similar to bank phone calls. If a random person called you claiming to be your bank or credit card company, wanting information, about you, you would never just give it to them. You would hang up and call the bank back directly to verify that you were talking to the right people. But when online, people tend to drop a degree of this cautiousness. Advertising companies and companies with malicious intent have content and links in all of the search engines, and many times come up on top of the list when you search for popular free programs. That said, just going on Google and searching for let say "openoffice" can get you into a lot of trouble if you click on the wrong result. This is where the WOT plugin from Chrome comes in handy but we will get to that later.

Email – Malware often arrives on your PC in an email attachment. You should never open an attachment from someone you don’t know or if an email looks suspicious. Instant messages and requests for file transfers can also spread malware.

Websites – Never open links to webpages that you don’t recognize or that are sent from people you don’t know. Malicious websites can install malware on your PC when you visit them.

Caution & Common Sense –  If you view a website that doesn’t look quite right, or unexpected things happen when you visit, close your browser, download the latest updates for your security software and run a quick scan on your PC. 

Pirated software – Malware is almost always bundled together with pirated software. When you install the pirated software you may also install malware. 

Social engineering – Malware authors often try and trick you into doing what they want. This can be clicking or opening a file because it looks legitimate, paying money to unlock your PC or visiting a malicious webpage. These deceptive appeals are known as social engineering.

Passwords – Attackers may try to guess your Windows account or other passwords. This is why you should always use a password that can’t be guessed easily. A strong password has at least eight characters and includes letters, numbers, and symbols. 

USB flash drives and other removable drives – Some types of malware, such as worms, can spread by copying themselves to any USB flash drives or other removable drives that are connected to your computer. Always be careful when sharing removable drives, and make sure you scan them.