Malware attacks can take many forms, but one thing they all have in common is that they are designed to steal or damage your data. In the last few years, it's reported that malware attacks have doubled or even tripled, a cause for concern. Viruses, spyware, and ransomware are just a few examples of malware that can infect your devices — and potentially lead to identity theft.
Malware can attack every kind of computer, tablet, and smart device you use. But with all the mystifying terms involved — spyware, ransomware, Trojan horses, and more — it can be tough to understand the threat, much less how to guard against it.
However, given that malware attacks have doubled or even tripled over the last few years, this is a threat that cannot be ignored.
Cybercriminals will use malware seeking out details like credit card and bank account numbers, Social Security numbers, and website login credentials that they can then use to commit identity theft.
What is malware?
Short for “malicious software,” malware is often aimed at collecting sensitive information from individuals and organizations alike.
Malware is the term for applications or code designed to carry out malicious acts on computers, networks, or servers. Installed without a victim’s permission, malware may steal data, destroy files, or take over control of devices.
Cybercriminals distribute malware in a variety of ways. Often, they trick people into downloading infected attachments or clicking on nefarious websites.
They may also sneak malware onto devices by exploiting vulnerabilities in software, such as outdated operating systems or insecure network protocols.
To protect against this, manufacturers build security measures into the operating systems of today’s devices. Web browsers and other programs feature their own safeguards as well.
But cybercriminals continue to adapt, working out new ways to get around these defenses.
Defining malware: Types and tactics
Each form of malware attacks in different ways, but they all have one thing in common: stealing or damaging data.
Spyware installs itself on a device without your permission. It can keep tabs on your online activity and gather personal information. It may even alter your device's settings, like changing your default homepage to redirect you to malicious sites.
Adware works much like spyware but inundates your device with ads (often pop-ups), so cybercriminals can profit from your clicks.
Viruses spread among computers and networks, replicating themselves to infect files and programs. In the process, they record, damage, or delete data.
Worms are viruses that spread automatically through a network by finding and exploiting vulnerabilities in software. Unlike other viruses, they don’t need a human to hit “download” on an attachment or click on a bad web link.
Trojan horses masquerade as trustworthy files or apps. You might download a game or song from a file-sharing site and find that it functions just as you expected. In actuality, malicious software is downloaded along with it. Trojans may also show up as email attachments, like a Word file that looks like it came from a friend’s email address — but it definitely didn’t.
Ransomware encrypts files on a device so that the victim (often a large organization) cannot access their important or sensitive data until they pay a large sum. Ransomware may breach a system when a user is tricked into clicking an email link. Bad actors also steal employee credentials and use them to gain entry.
Phishing is commonly used to spread malware
Criminals often send phishing emails (or texts) that look very similar to the ones you get from organizations you do business with, such as banks and utility companies, with links and attachments that contain malware. So rather than opening links from unsolicited messages, type URLs directly into your browser.
How to protect yourself from malware
The devices and web browsers you use every day may not offer adequate security. Shore up your defenses against malware by:
Installing a reputable anti-virus protection. Anti-virus protection scans any files or links that you try to open and, if it recognizes a malicious file or website, will notify you and guide you in removing it. You're in luck if you're an Allstate Identity Protection member: Some of our identity protection plans offer cybersecurity tools that include advanced anti-virus protection.
Using a firewall. Many operating systems on computers and smart devices include a firewall; make sure it is turned on in the device’s settings. Some anti-virus programs, like ours, include this as well.
Keeping all software up to date. Consider setting your operating system, internet browser, and computer programs to update automatically. Companies offer “patches” to not only improve performance but also offer up-to-date security features.
Maintaining your browser’s security settings, as they’re designed to protect against malware. If your browser presents a warning about the web page you’re about to visit or the file you’re trying to download, always take heed.
Downloading software from trusted sources only. There’s a good chance that free browsers, PDF readers, or other software found online could be infected with malware.
When adding new software to a device, carefully read each screen. If you see a program you weren’t expecting or are asked to install bundled software, refrain from downloading the extra program or quit the installation process.
Signs your device may be infected with malware
Malware isn’t always easy to recognize but stay alert to any changes in your device’s behavior.
Your computer, smartphone, or tablet might have malware if you notice any of the following symptoms:
Loads of ads, often in pop-up form, that are disruptive to your page viewing
Repeated error messages
Changes in performance, such as slowed speed, crashes, or failure to shut down
Shortened battery life
New toolbars or icons on your desktop or in your web browser
A new default search engine or unfamiliar websites that open automatically
Emails sent from your account that you didn’t write
How to get rid of malware
If you believe you have malware on your device, the first step is stopping any activity that involves your personal information: Don’t use online shopping sites, access your bank or credit card accounts, or pay bills until you know your device is safe.
Take action by installing a trusted anti-virus program or activating cybersecurity tools if you’re an Allstate Identity Protection member with a cyber plan. Some malware can pose as security software, so be sure to do your homework when selecting a service.
Direct the anti-virus program to run a scan. If it finds any malicious programs or codes, it will detail them and tell you how to remove them. After following the instructions, run another scan.
Hopefully, the program will now show that your device is free of malware. However, if problems are still detected, you may need to recover or reinstall your operating system — a process that can lead to full or partial data loss. Your device manufacturer’s website will share instructions on doing so.
Malware doesn’t always lead to identity theft, but if you’re a member of Allstate Identity Protection, you can rest a little easier knowing that you’re benefiting from extra layers of protection.