Malware

Malware: What Phishing, Spyware, or other malicious software can do and how you can prevent it



Malicious software (Malware) is software created by hackers to disrupt computer operations, gather sensitive information, or gain access to private computer systems.

Malware includes computer viruses, worms, trojan horses, spyware, adware, most rootkits, and other malicious programs.

Some forms of this malicious software include the following examples, but it is not a co:

  • Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing e-mails may contain links to websites that are infected with malware. Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details on a fake website which looks almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
     
  • Spyware is a type of malware (malicious software) installed on computers that collects information about users without their knowledge. The presence of spyware is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally to monitor users.

    While the term spyware suggests software that monitors a user's computing, the functions of spyware can extend beyond simple monitoring. Spyware can collect almost any type of data, including personal information like internet surfing habits, user logins, and bank or credit account information. Spyware can also interfere with user control of a computer by installing additional software or redirecting Web browsers. Some spyware can change computer settings, which can result in slow internet connection speeds, unauthorized changes in browser settings, or changes to software settings.
     
  • Spam is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, internet forum spam, junk fax transmissions, social networking spam, television advertising and file sharing network spam.
     
  • Ransomware is a type of malware or virus that prevents user access to devices, files or applications, requiring the victim to pay a ransom (money or information) to regain access. The ransomware most often seen (for example: Crowti, Tescrypt and Locky) encrypts the user’s files and then asks the user to pay a ransom.

How to Avoid:

AFA IT has moved all server files into the Office 365 cloud which is managed by Microsoft. Microsoft Active Protection Service (MAPS) is a cloud-based service that will provide greater malware protection through cloud-delivered malware-blocking decisions.

AFA IT also backs up Office 365 cloud files 3 times a day to a different cloud location in case of any disaster event. Microsoft has several integrated protections against malware that are enabled by default; however, we still see users being affected by ransomware threats.

AFA IT has also installed the latest version of anti-virus software on all machines and has kept Windows software up to date. We encourage AFA staff to store all files/documents in Office 365 and also store personal files in Office 365 cloud. Please make a backup of your personal files.

Please notify IT immediately in case you are infected.

There are several ways an infection can happen. Beware of phishing emails and malicious attachments. For example, users can be infected when they visit a website infected with ransomware or open an email attachment infected with ransomware from their personal or corporate email accounts.

  • Some possible attachments could be: Executables in the following formats (ade, adp, ani, bas, bat, chm, cmd, com, cpl, crt, hlp, ht, hta, inf, ins, isp, job, js, jse, lnk, mda, mdb, mde, mdz, msc, msi, msp, mst, pcd, reg, scr, sct, shs, url, vb, vbe, vbs, wsc, wsf, wsh, exe, pif, etc.)
     
  • Look at the sender’s email address: These email addresses can be spoofed to look like someone you know, but they could also be ones that have a different country’s domain on them (example.com.ru, or support@microsoft.com or staff_name@gmail.com). These emails often use executive names, like Larry Spencer, or appear to come from the Human Resources or Finance department.
     
  • Look at the Subject line – Does it create a sense of urgency? These are typically viruses or fake emails. Does it have 1 word in it but appear to be a response, like “Re: Document”? – This is also a telltale sign of a fake email.
     
  • Look at the body of the message – If the sender is a recognized sender, does it follow their normal emailing criteria – Does it have a salutation – is it directed to you specifically, or is it generic (Hi, vs Hi Adam,). Does it have a signature for the person who sent it? Does it match the name of the person you identified in the email address above? Does it have the company’s contact information and/or graphics that you’ve been accustomed to seeing if you’ve received mail from them before?
     
  • Look at the content of the body – Is it just asking you to open a file or go to a website link?
     
  • Look at the direction of the message – Does it ask you to open the attached file? Does it create a sense of urgency? With viruses, the purpose of the body is to entice you to open the attachment. A common method is by fear and urgency.
     
  • Verify Sender - Best way is to contact that person by phone to verify the email.
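
The sender, subject and attachment checks in the list above can be partly automated. The Python script below is an added example, not part of AFA IT's tooling; the function name triage, the urgency word list, the example.org domain, the staff name and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Extensions taken from the attachment bullet in the list above.
RISKY_EXT = set("""ade adp ani bas bat chm cmd com cpl crt hlp ht hta inf ins isp job js jse lnk mda mdb
mde mdz msc msi msp mst pcd reg scr sct shs url vb vbe vbs wsc wsf wsh exe pif""".split())
# Assumption: a short urgency word list; tune it to your own mail.
URGENT = re.compile(r"\b(urgent|immediately|asap|action required|final notice)\b", re.I)

def triage(raw, org_domain, staff_names):
    """Return the checklist findings for one raw e-mail message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    display, addr = parseaddr(str(msg["From"] or ""))
    domain = addr.rpartition("@")[2].lower()
    # A known staff name paired with an address outside the organization.
    if display.strip().lower() in staff_names and domain != org_domain:
        findings.append(f"sender: '{display}' writes from external domain {domain}")
    subject = str(msg["Subject"] or "")
    if URGENT.search(subject):
        findings.append("subject: urgency wording")
    # "Re: Document" pattern: one word dressed up as a reply, with no thread headers.
    if (re.fullmatch(r"\s*re:\s*\S+\s*", subject, re.I)
            and not msg["In-Reply-To"] and not msg["References"]):
        findings.append("subject: one-word 'Re:' without thread headers")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower().rstrip(". ")
        ext = name.rpartition(".")[2]
        if "." in name and ext in RISKY_EXT:  # the last extension decides how Windows opens it
            findings.append(f"attachment: {name} ends in .{ext}")
    return findings

# Constructed sample message (not a real e-mail).
SAMPLE = """\
From: Pat Example <pat.example@gmail.com>
Subject: Re: Document
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Hi, please open the attached file.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.pdf.js"

placeholder
--b1--
"""
print(triage(SAMPLE, "example.org", {"pat example"}))
```

A message with no findings is not proven safe; verifying the sender by phone, as described above, still applies.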
     

Please contact IT for any questions.