How it works

Josh received an email from Paypal saying that, due to a security problem, he needed to urgently login to update his address and debit card details or his account would be locked.

Josh clicked on the provided link and was taken to the Paypal login page:

 

He logged in, entered his full home address and re-entered his debit card details including the expiry date and the 3 digit CVV number from the back of the card. When he clicked the Submit button, he was taken back to the Paypal login page:

Phishing

Josh has just been the victim of a phishing attack. Look at the URL of the first login page he was taken to from the email message:

www.paypal.com.erdfg5fv.ru/login.htm?

The actual web address that Josh has been sent to is erdfg5fv.ru. It also shows as being an insecure site (to the left of the address bar). Josh has given this fake site his Paypal username, Paypal password, home address, debit card number, expiry date and CVV number.

After giving away all of these details to cyber criminals, he has then been redirected to the genuine Paypal login page.

Reduce your risk:

Phishing emails will often include spelling or grammatical errors. Genuine organisations do make mistakes sometimes, but a badly written email is unlikely to be genuine.

Most organisations will send emails from their own company domain. itservices@cumbria.ac.uk is good. uoclibraries@example.com is bad.

Paypal and your bank will normally include some identifying information in emails, such as the last four digits of your debit or credit card number. If this information is missing you should be suspicious.

Never click on links to banking or shopping sites unless you are absolutely sure they are genuine. If you do click on the link - carefully check the URL to see if you are on the genuine site. It is always safer to manually type in the address of the site or service - it only takes a moment to type www.paypal.com and can save you all of the time it takes to deal with a stolen account and/or stolen money.

Install the official app (if on a mobile device), a genuine link will always open the app for you - a fake link will open a fake web page.

David has been surfing the web and followed a link sent to him by a friend via Facebook. The link was for a site that was selling branded sportswear at 90% off the normal price and he fancied buying some new trainers out of the remainder of his student loan. Suddenly his laptop froze and he was shown the following screen:

 

David cannot access anything on his laptop apart from this screen. His dissertation is on the desktop and he needs to submit it this Friday. Can he contact the Department of Justice to explain their mistake or should he pay the fine to get his files back?

Ransomware

David has been a victim of ransomware. This is a malicious program that has encrypted all of his files. The message (in the example above) has not come from the FBI or the Department of Justice - it has come from a criminal or criminal group that is trying to extort money from David.

All ransomware can look very different, but they all ask for the same thing - send us some money and we will give you a passcode to unlock your files:

The likelyhood that files can be recovered from an infected computer are very slim. Even if you pay the ransom, as you are dealing with criminals, you will almost certainly never see your files again.

Reduce your risk:

Make sure that you have up-to-date antivirus software installed on all of your devices (ransomware can affect Windows, Apple OSx, Android, Apple iOS and other operating systems).

As with phishing attacks - if an offer seems too good to be true then it is either a scam or other criminal activity.

Be suspicious of everything - it is not unusual for a social media account to be hijacked and for hijacker to then send out messages that seem to be coming from a trusted friend.

If you don't know where a link goes or where an email attachment has come from - DO NOT CLICK ON IT!

Gina is working on an assignment in Word and doesn't want to be distracted, so doesn't have any other programs open. Her work keeps getting interupted by adverts popping up on her screen:

Some of the adverts are easy to close, but others want her to "Click here" to close them and that just takes her to webpages that are further advertising the products or services in the original advert. She is doing her best to ignore them and continue with her work, but after another hour of typing there are about 20 of these adverts sitting on her screen.

Adware

Gina has become a victim of adware. This was probably added to her PC when she downloaded some "free" or trial software.

Adware is mostly harmless in itself, but can often point you to sites which are either trying to harvest your personal details or get money from you:

Remove adware with good antivirus software or run the free MalewareBytes Adware Remover https://www.malwarebytes.com/adwcleaner/

Free software

MakeUseOf maintain a list of the safest places to download free Windows software https://www.makeuseof.com/tag/9-cleanest-safest-websites-download-free-software-windows/

Check out free apps on your device's app store - look at user reviews and be suspicious of anything that asks for too many permissions. See Mobile Security for more information.

Adware / madware

Adware and madware (mobile adware) are everywhere and usually do very little damage to your device. They are usually designed to simply display frequent adverts for which the creators get paid for views and clicks. Adware is very annoying and is usually loaded onto a device through downloading of "free", trial or ad-supported software.

Antivirus / anti-malware

Good antivirus software should protect your device from most of the threats listed on this page, but you can also install separate anti-malware software that targets specific threats such as adware, ransonware and others. Good antivirus software should be paired with a strong firewall for better protection.

Bot / botnet

An Internet bot is a piece of malicious software that runs automated tasks over the Internet. A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets are often used in DDOS attacks.

Browser hijacker

This is a type of malware that takes some control over what your web browsers do. This includes redirecting any attempts to access your normal search engine to another location where criminals gain income from either search results or adverts on the pages. A browser hijacker can also prevent you from accessing genuine antivirus vendor websites and will often send all of your website data to the cyber criminals behind the hijack.

DDOS

Distributed Denial Of Service - This is a type of cyber attack where a large number of computers are used to direct enormous volumes of traffic at a website or service. The website or service is so busy dealing with this traffic that genuine users and customers cannot access it.

Firewall

A firewall is a piece of software or a physical box that monitors traffic into and out of your network. They are designed to work with a set of rules that prevents malicious access to your devices.

Hacker

There are various types of hacker (whitehat hackers work on behalf of organisations to find and fix security risks in their systems) and most of them have some kind of malicious intent. They will break into services, systems and accounts for some sort of financial, social or reputational gain.

Keylogger

A keylogger can record all of the keypresses that you make on either a physical or onscreen keyboard. This information is then sent to the cyber criminals who can see when you type in any usernames and passwords on your device and for websites you visit. They can now use this information to access your accounts.

Malware

This is the generic term for all of the other malicious software listed on this page.

Phishing

Phishing is an attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising itself as a trusted web link or attachment in emails, social media posts and even text messages. See Email Security for more information.

Ransomware

Ransomware is a type of attack that locks all of the files on your device until you pay a ransom. See "My computer says a must pay a fine or a ransom" further up this page.

Rogue antivirus software

This is software designed to appear like legitimate security software and misleads users into believing their computer is infected with a virus, with the intent of tricking them into paying money for a fake malware removal tool. The fake malware removal tool can even introduce real malware onto the computer

Rootkit

A rootkit is a type of malware that buries itself deeply within your operating system. This makes them very hard to detect and provides them with complete "root" access to you entire system. A rootkit can rewrite antivirus software so that it ignores the threat. A cyber criminal now has access to everything you do on your device.

Spyware

Spyware spiess on you and all of the activities that you carry out on your device. A cyber criminal can see your logins, passwords, the webpages you are visiting, the videos your are watching, the chats you are in and even the view from your webcam (front and rear cameras on an infected mobile device).

Trojans

These are very dangerous and often disguise themselves as legitimate software. A trojan can allow a cyber criminal to take complete control of your device without alerting you to their presence. A trojan infected device can also be used as part of a botnet to perform DDOS attacks.

Virus

Computer viruses extremely varied and are normally designed to simply destroy files and wreak havoc.

Worms

A computer worm is a self-contained, self-replicating computer program that spreads to other files or other computers. Worms can contain most other types of malware.

Some of the definitions on this page were derived from: https://www.askboard.com/tech/comprehensive-list-of-malware-types/