There is a lot of confusion and mystery that surrounds malware. We know what it is, malicious software, and we may know a little about what it can do, such as spy on us or encrypt our files.
But how does malware end up on our computers? Contrary to how malware is often portrayed, it can’t infect a target as if by magic. It has to somehow bypass the security that we have on our device, whether that’s the pre-installed security or something we’ve installed ourselves.
Here are the most common ways a computer or phone can end up getting infected with malware…
The malware tricks you into installing it…
Remember this important point: if you have malware, it was probably because of this – you were tricked into installing it. This is the most common way malware infects a device.
The software we use on our devices every day is pretty good at preventing unauthorised programs from just downloading and installing without permission. Whether it’s your security software or your Internet browser, for obvious reasons, if something wants to just download and install on our device without permission, our software shouldn’t let it.
But our software can’t always protect us from ourselves, and if we download the malware ourselves and give it permission to install, then there is a good chance we’ll end up getting infected.
But why would we let malware download and install on our own device? Because, as many cyber crooks know, people can be tricked into installing malware under the belief it is something harmless.
For this reason, criminals will come up with a variety of different ways of convincing us to allow files to download to our computer. This usually means disguising the malware as something else. For example, crooks may trick a victim into downloading a file from a website thinking it is an update to their video player (more information on that here). Or the crook may attach malware to an email and trick the victim into thinking it is an invoice.
This works because there are so many Internet users still willing to download or open files from the Internet without trusting the source.
Security vulnerabilities in out-dated software
We pointed out above that your software should prevent crooks from downloading files to your computer without your permission, and it should also prevent crooks from accessing your computer. However, software doesn’t work 100% of the time, and exploits and vulnerabilities are always being discovered.
If you use out-dated software with a security vulnerability, crooks can exploit that vulnerability to gain access to your computer and install malware.
Luckily, most software – for example your operating system, your Internet browser and your firewall/antivirus – can be fixed (patched) by the software developer remotely, and you just need to let their updates install.
Zero day vulnerabilities
Continuing from the point above, there is always a chance that the crooks may discover a vulnerability in your software before the software developers do. This is known as a zero-day vulnerability.
The problem is that if a crook discovers a vulnerability in your software before the software developer does (and has a chance to fix it) then they can exploit it before it can be fixed. Fortunately, serious and widespread zero-day vulnerabilities are rare, but they do happen.
If a criminal has control of your computer
In the early days of computing, a popular way to infect computers with malware would be at the source – i.e. your computer. This means the criminal would physically be at your device and could infect it by inserting an infected disk, such as a CD or floppy disk.
With the rise of the Internet this is now quite rare, but criminals can still gain access to your computer remotely by tricking victims into allowing remote access to a computer. For example, criminals can pose as technical support staff over the phone and either trick the victim into downloading malware themselves, or trick the victim into permitting remote access to the criminal who then installs the malware.
Existing malware infections
Quite simply, if malware has already infected your computer through one of the steps listed above, it can act as a ‘backdoor’ allowing more malware to infect your computer.