You know that malware is bad, but are you also aware of the various common ways in which it can infiltrate your devices?
Malware has been one of the most common threats that netizens face daily. However, although you have heard about the various types of malware you can encounter, chances are you don’t know how these malicious programs are able to infest your devices.
While knowing what types of threats exist is the first step towards protecting yourself and your devices, the next and arguably more important step is to know how threat actors try to sneak these malicious pieces of code into your computers, smartphones, and tablets. To help you combat these threats, we look at some of the most common methods and tactics used to tricking netizens into downloading malware and compromising their data and security.
Phishing and malspam emails
Usually the main objective of phishing emails is to wheedle sensitive information out of you such as your access credentials to various services, your card verification code (last three digits on the backside of your payment card), PIN code, or other personally identifiable information (PII). But by masquerading as mail from a trusted institution, they may contain attachments or links that will lead to your device getting infested with malware.
Therefore, it’s always prudent to not just skim over your emails but read them thoroughly. More often than not you’ll notice dead giveaways that you’re dealing with a scam. Telltale signs usually include spelling mistakes, evoking a sense of urgency, requesting personal information, or the email originating from a suspicious domain.
To trick victims into downloading malicious apps, cybercriminals like to spoof websites of famous brands or organizations. The scammers create fraudulent webpages impersonating the real deal, with the domain name resembling the domain of the organization being spoofed as closely as possible, with some subtle differences here and there, such as adding a letter or symbol or even a whole word. The websites will be malware-laced and will try to dupe the target into clicking on links that will download malware into their devices.
To avoid getting your device infested with malware by visiting one of these websites, always search for the official domain by typing it into a search engine or by typing it manually into the address bar. It bears repeating that a proper security solution will also protect you from most threats and will also block you from accessing known malicious websites.
USB flash drives
External storage devices are a popular form of storing and transferring files; however, they do carry a number of risks. For example, threat actors like to use the “lost” flash-drive social engineering strategy, to dupe unwitting good Samaritans into plugging a compromised thumb drive into their computers. Once an afflicted drive is plugged in and opened your device can get infested with a keylogger or ransomware.
Alternatively, if you aren’t careful about how you handle your flash drive, your computer may get infested by cross-contamination. To mitigate the chances of contaminating your PC you should use a reputable and up-to-date endpoint security solution that will scan any external media plugged into your device and warn you if it contains anything suspicious.
P2P sharing and torrents
While over the years peer-to-peer sharing and torrents have gained a reputation for being a place to illegally download software, games, and media, they have been used by developers as an easy way to disseminate their open-source software or musicians to spread their songs. However, they are also infamous for being abused by black hats who inject the shared files with malicious code. Most recently, ESET researchers uncovered cybercriminals misusing the BitTorrent protocol and Tor network to spread KryptoCibule, a multitasking multicurrency cryptostealer.
To minimize the risk of being compromised, you should use a reputable Virtual Private Network (VPN) to encrypt your traffic and keep it safe from prying eyes. You should also use an up-to-date security solution that can protect you from most threats including viruses or malware that may be a part of the files you’re trying to torrent.
Although it may not happen often, software being directly compromised by threat actors isn’t a rare occurrence. One prominent example of an application’s security being compromised was the case of CCleaner. In these attacks, the black hats inject the malware directly into the application, which is then used to spread the malware when unsuspecting users download the app.
Since CCleaner is a trusted application, it wouldn’t have occurred to a user to overly scrutinize it. However, you should be careful when downloading any type of software – even the one you trust. You also can’t go wrong by using a reputable security solution and don’t forget to patch and update your apps regularly, security patches usually deal with any vulnerabilities or loopholes found in the affected apps.
Some websites are riddled with various ads that pop up whenever you click on any section of the webpage or can even appear immediately whenever you access certain websites. While the aim of these ads is generally to generate revenue for these sites, sometimes they are laced with various types of malware and by clicking on these ads or adware, you may involuntarily download it onto your device. Some ads even use scare tactics telling users that their devices have been compromised and only the solution offered in the ad can clean up the compromise; however, that is almost never the case.
A sizeable amount of the adware can be avoided by using trusted ad-blocking extensions on your browser, which will, as the name suggests, block ads from appearing on the website you’re visiting. Another thing you can do is avoid suspicious websites that use such advertisements altogether.
The last item on this list deals with fake mobile applications. These apps usually masquerade as the real thing and try to dupe users onto downloading them into the victims’ devices, thereby compromising the devices. They can take on the guise of anything, posing as fitness-tracking tools, cryptocurrency apps, or even COVID-19 tracing apps. However, in reality, instead of receiving the advertised services, the devices will get infested with various flavors of malware such as ransomware, spyware, or keyloggers.
To avoid downloading any malicious apps onto your devices, you should stick with applications offered by trusted developers with a verifiable track record and reviews. Also keeping your devices patched and up-to-date can help you stay protected from various threats that would try to exploit the vulnerabilities that may be present in older versions of apps and operating systems.
While the list of strategies used by cybercriminals to target unsuspecting citizens is long and it may get longer (black hats keep coming up with new malicious tactics, after all), there are ways you can keep your data secure and your devices protected. These threats can be countered by adhering to cybersecurity best practices, which include using reputable security solutions and keeping your systems patched and up to date.
written by Amer Owaida, ESET We Live Security