Overview:

In today’s rapidly evolving technological landscape, there is a plethora of harmful threats to your computer systems, networks, and users. These are categorized overall as “malware”, and include viruses, scams, adware, Trojans, bots, and phishing emails. This post attempts to explain some of these threats, as well as what to look for to protect yourself from becoming a victim of malicious software.

Types of Threats:

The term “malware” broadly encompasses the following types of malicious software:

  • Viruses and Worms: Viruses can make copies of themselves, spreading to other computers by infecting applications, documents and files and executing malicious code. Typically a user has to open these infected programs and files for the virus to run. Worms are a type of computer virus that can replicate and spread across computer networks by exploiting operating system vulnerabilities (for example, an out-of-date Windows installation). Unlike viruses, worms can run undetected in the background, replicating and spreading themselves autonomously. Both viruses and worms can be destructive, designed to damage or disable the systems they infect. When integrated with spyware, they can steal credit card, banking or personal information by logging keystrokes and sending that information back to the malware authors.
  • Ransomware: Also known as “crypto malware”, ransomware locks a system by encrypting the hard drive and all user data. Users are unable to access their computer or any of the files on it. The malware then demands payment to unlock the system. Some ransomware can spread like a worm does, using already infected systems, or it can be delivered to the target system inside a Trojan horse.
  • Adware and Spyware: Adware is typically embedded into free software, and usually displays ads within the software or web browser. Spyware can gather information about a user by taking actions including collecting keystrokes, watching screens, harvesting login information, and other monitoring activities. It is often used to display targeted advertising. When used maliciously, spyware is bundled together with other malware such as viruses and worms to perpetrate theft or fraud.
  • Rootkit: Typically embedded with viruses, Trojans and worms, a rootkit attempts to conceal its host malware from detection by security programs such as antivirus software, while providing the malware with continued administrator/root level access to the infected system. Rootkits can remotely execute files and change system configurations without the user knowing.
  • Trojan Horse: This type of malware attempts to disguise itself as a helpful piece of freeware, for example, a free antivirus, utility, or productivity program. Once installed, it simultaneously installs malware, viruses, worms, spyware, ransomware, and/or rootkits.
  • Phishing: Used heavily by Trojans to entice users into opening an email attachment, or clicking a link in the email body that downloads malware onto the user’s system.
  • Bots and Botnets: Bots are software programs that are used to automate specific functions over the Internet. In the malicious context, they can be used to perform Distributed Denial of Service (DDoS) attacks, spread spam, deliver adware, create accounts on websites, and more. Malicious bots are delivered and spread as part of a worm or virus. A botnet is a collection of systems that are all infected with the same bot, allowing the bot author to use the collective processing power of many systems for malicious purposes.

Some Symptoms of Malware Infection

Malware infections can present themselves in a great many ways, but the conditions below are the main indicators that your computer has been infected with malware:

  • Consistently high CPU utilization.
  • Hard drive constantly busy.
  • Programs open and close automatically – For example, unexplained Windows Explorer or command prompt windows opening up and then closing.
  • General system instability – blue screens, hard crashes, lock ups, unresponsiveness, etc.
  • Unexplained emails being sent from your email account without your consent. Often, people in your contacts list will email you asking you to stop sending phishing or spam emails. 
  • Files getting modified or deleted, or new, unknown files, shortcuts, etc. being created.
  • Inability to change system settings that could previously be edited.
  • Unwanted pop-ups, programs, or web browser based toolbars.
  • Slow web or file browser performance.
  • Lack of storage space.

Preventative Measures

  • Keep your operating system up to date. If it is not receiving system updates on a regular basis, please ask your IT team to investigate and troubleshoot.
  • Ensure your antivirus / anti-malware software is updating itself. If it isn’t updating properly, please ask your IT admin professional to investigate and troubleshoot. 
  • Watch for suspicious emails. These can be made to look like they came from a known or reputable source, or it may be obvious that they are coming from an unknown source. Such emails typically contain a malware infected document or links to a “dropper” site. Do not open any email attachments or click on any of the links in them. Always check to see if the sender’s name matches the sender’s email address. In your email client software, you can check the message header of an email by going to “File” → “Properties”, where you can see the “From:” field. For links, you can hover over them with your mouse to see the actual address they go to without clicking on them. Checking where the links go is usually a clear indicator as to whether or not an email is legitimate. Often called “phishing emails”, these messages typically include a “too good to be true” offer such as free money in exchange for bank account numbers. In some situations, phishing emails purport to be a bank or PayPal sending financial statements, or an online service such as Apple, Amazon, or UPS sending an attached invoice or purchase receipt that is actually a Trojan. Other scenarios have occurred where the attacker claimed to be an online service such as Gmail sending a password reset request that contains malicious links or a Trojan attachment. If you think an email is suspicious or it came from a source you are not expecting, chances are good that it is malicious in nature. Any email that looks suspicious should be deleted immediately without opening anything inside.
  • Be skeptical of freeware. Supposedly “free” useful utilities such as “systems optimizers” and “cleaners”, free games (such as online poker applications) and free “downloaders” often include Trojan horses or other malware. No third-party software should be installed on any work-related computers without talking to your IT department first.
  • Do not click ads on websites. Often, it is difficult to determine whether such ads are legitimate. If not, they can redirect your web browser to a page containing malicious code that can infect your system.
  • Do not open joke or funny emails. Sometimes, these can be used to spread Trojans, viruses and other undesired malware. 


Contact your IT department or TechPoint immediately if:

  • you are unsure whether an email is legitimate or a phishing scam.
  • you think your system is infected and/or is showing any of the above symptoms.
  • you think you opened a web page, email attachment or installed a program that may contain malware.

Always err on the side of caution; contact your IT department if in doubt.

Or talk to TechPoint, who will be able to help and advise your organization regarding digital threats.