Build Your Online Presence

What is Malware?

Malware, short for malicious software, can easily be described as unwanted software that is installed in your system without your consent. Viruses, worms, and Trojan horses are examples of malicious software that are often grouped together and referred to as malware.

What is malware?

An Often Undetected Threat

With so many people routinely surfing the Web, malware is often unwittingly spread across the Internet. Once you enter a compromised website, your system can easily be contaminated after clicking on malicious links present and malware can be installed on your computer without your knowledge.

Malware is an easy method of mass infection; compromising one website is easier than sending several emails. It targets all visitors/victims that visit a site and click on desirable links, converting their systems to act on the attacker’s behalf.

There are different types of malware (Maladvertising, SEO Poisoning, Typosquatting and Social Engineering) that can be distributed through code on a website. Once you’ve been exposed to an attack a download is activated through an exploit kit. That download can then infect a user’s computer to corrupt it, or steal information. 

Malware Delivery Method Graph

Types of Malware
Malvertising: Malicious ads displayed on websites leading to Exploit Kits
SEO Poisoning: Malicious attackers inject common search terms in an iframe script designed to send victims to other sites hosting malicious code. The search term and iframe redirect and get cached in search engines such as Google. Victims who click on the links are sent to sites hosting malicious code.
SEO Poisoning
Typosquatting: Also known as "URL hijacking," it is a form of cybersquatting which relies on typographical errors made by an internet user when typing a web address into a browser. If an incorrect website is entered, the user is led to a rogue website owned by a cybersquatter.
Social Engineering: Make use of URL shorteners, or social network like-jacking to disguise malicious links
Social Engineering
Exploit Kits: Drive-by downloads that can be activated simply by visiting a website with your browser. This is the most dangerous form of malware. No user interaction, or click, is needed to infect a user’s computer.
Exploit Kits
Trojan: After installed on your system, this program will steal information to tunnel to outside parties (credentials, personally identifiable information (PII), espionage).
Fake AV: A rouge antivirus program designed to mislead people by posing as a legitimate antivirus program, but in reality it is only a fake version of the original software which gains access to a system with the help of bogus online scanners, insecure websites and Trojans.
Fake AV
Dropper Downloader: Downloads additional malware to an infected user’s computer, without their knowledge or consent.
Dropper Downloader

Negatively Impacts Your Reputation and Personal Data

Cyber criminals can also attempt to access your personal information by monitoring your computer’s activity. Your computer could be controlled to visit websites or partake in mass attacks without your knowledge. Malware can steal your identity or cause your computer to crash.

Once a website is listed as housing malware, that is, unsafe to visit, it tarnishes the business' brand and can have a negative impact on website traffic. Depending on the industry, a decline in website traffic can equate to a decline in revenue.