What is malware?

Estimated reading time
 6 min

Key points

• Malware is malicious software that can harm your device, corrupt, or lock your files, or steal personal and business information.
  
  
• Around one in five Australians experience signs of a malware attack each year.
  
  
• Malware can infect your device through different ways, such as by clicking a malicious link, downloading an infected file, interacting with malicious ads, or through network vulnerabilities.
  
  
• If your device is slower than usual, apps crash unexpectedly, or you notice decreased storage space, you may have a malware infection.

The internet is such a massive part of our lives. It helps us stay in touch with loved ones, find information on just about anything, and keep us entertained whether we’re at home or on the go.

There are also many ways we can access the internet nowadays – we’ve got phones, tablets, laptops, TVs, and even smartwatches.

However, the internet and our devices are prime targets for cybercriminals looking to install malicious software known as malware. With Australians being online more than ever before, around one in five people experienced signs of a malware attack last year.¹ It’s also estimated that a business is targeted every 11 seconds by a ransomware attack, a type of malware that can significantly harm your devices.²

We will give you a rundown of malware, the different types you might encounter, and the signs of a malware attack so you can help protect your devices from cybercriminals.

What is malware?

Malware (short for ‘malicious software’) is software or code designed by cyber criminals to harm or gain access to your device or network. A cybercriminal might send you a message and try to manipulate you into clicking on a link or downloading a file that contains malware. If you do, it can then spread through your device. Alternatively, the cybercriminal might pretend to be someone solving an IT problem and ask for remote access to your device. Instead of helping you, you might be tricked into installing malware.

Cybercriminals can use malware to:

• Steal your personal and banking information to use for other types of scams and cybercrime.
  
  
• Damage your device and corrupt your files.
  
  
• Lock your device and files in exchange for a ransom fee.

6 common types of malware

1. Ransomware

Ransomware is software that locks your device and files so you can’t access them. A cybercriminal may hold the device and files hostage and demand payment in exchange for giving back your access (the ransom). Unfortunately, there’s no guarantee the cybercriminal will hold up their end of the bargain, even if you pay the ransom.

2. Trojan

Trojan malware is when malicious software is disguised as a regular file. If you download a file, the Trojan malware will infect your computer and take over your device. It can steal data and corrupt your files, leaving you more vulnerable to other hackers. When you download a file, your computer may display a warning before you install it and ask if you’re confident about where the file came from.

3. Viruses

A malware virus can spread between multiple devices and attach to programs, apps, files, or photos. When you use an infected program, the virus will run and attach itself to other programs. This can quickly damage your device’s operating system and corrupt your data.

Viruses can also spread through email, with some viruses designed to email or message people on your contacts list, enticing them to click a link so the virus can spread to their device.

4. Worms

A computer worm is similar to a computer virus. The critical difference is that the worm can make copies of itself and spread to other systems without attaching to a program. This type of malware can spread like wildfire across networks and exploit weaknesses in devices and apps.

5. Spyware

Spyware is software that secretly monitors your device and online activity. For example, spyware might record your keystrokes (what you type on a keyboard) or take screenshots of websites you’ve visited. It also has the potential to capture any personal information you use while on your computer, such as your credit card details and passwords. Other types of spyware might collect information about the websites you’ve visited, how long you’ve spent on them, and the ads you’ve clicked on.

6. Adware

Adware displays advertisements on your device, interrupting internet sessions and slowing down your system. These ads can appear as pop-up ads (suddenly appearing on your screen) or as banner ads (they look like vertical or horizontal rectangles on the website). Adware is installed on your device without your consent by either being bundled with free software or through a weakness in your device.

Adware can significantly slow down your device and track your online behaviour, which can help cyber criminals show you ads based on your interests. The goal of adware is for you to click on the ads so the cybercriminal can earn money through ad partnerships.

How does malware spread?

There are many ways malware might spread and potentially infect your devices:

• You might download a document or file from an email, and the attachment could contain malware.
  
  
• You click on adware when you visit a popular website, such as a news website or online store, which might install malware.
  
  
• You might receive a notification asking you to update your device’s software – but it’s actually malware in disguise.
  
  
• You insert an infected USB into your computer, and it might cause malware to spread.
  
  
• You download an infected app onto your device, and it might corrupt your device and network.
  
  
• You click on a link in a phishing email or text message, which takes you to a fake website where malware might be automatically downloaded to your device.
  
  
• Malware might be unintentionally downloaded onto your device without your knowledge or input. This is called a ‘drive-by’ download, and it can happen if you visit a compromised website.

Signs of a malware attack

• Your device is slower than usual or crashes frequently, which might indicate that malware is operating in the background.
  
  
• Files disappear or can’t be opened, which may be a sign of ransomware on your device.
  
  
• Programs and apps randomly open and close without you doing anything.
  
  
• There’s a decrease in storage space on your device as malware files can take up a lot of space.
  
  
• Your internet browsing experience is different. For instance, you might have a different home page and new browser tools you didn’t install. Or you might have trouble getting to a specific website.
  
  
• Pop-ups appear whenever you use your device. This could be a sign that adware is installed on your device, which might redirect you to malicious websites where you are exposed to more malware.
  
  
• Your security settings have changed even when you’re sure you didn’t make any changes.

Some things to consider when responding to a malware attack

• Record all the essential details, such as what files were affected and any other changes you’ve noticed on your device.
  
  
• Turn off the infected device and disconnect other network devices to prevent malware from spreading.
  
  
• Change any passwords for essential accounts, as some malware might steal your passwords.
  
  
• Remove malware from your device by running a security scan then factory reset the device. A factory reset is when you delete all your files and restore your settings, so your device is a clean slate.
  
  
• Download backed-up files onto your device and run an anti-virus scan. This can identify and remove any malware lingering on your device or in your backed-up files.
  
  
• Report the malware attack to ReportCyber. Include the information that you documented about the attack in your report.

Tips to help protect your devices from malware

• Use up-to-date anti-virus and anti-malware software on all your devices.
  
  
• Turn on automatic updates on all your devices to ensure you’ve got the latest security updates.
  
  
• Be wary of unexpected messages or calls that ask you to click on a link, download a file or provide remote access. Never follow through with these requests.
  
  
• Research any apps you download to triple-check that they are not malware.
  
  
• Avoid using public Wi-Fi, as malware can easily spread across public networks.

Who can you contact if you’ve experienced a malware attack or been asked to pay, or have paid a ransom? 

• Call the Australian Cyber Security hotline, 24 hours a day, seven days a week on 1300 CYBER1 (or 1300 292 371).
  
  
• Report the cybercrime, incident or vulnerability to ASD or Scamwatch.
  
  
• Inform the ASO via the Contact Us form on Pax or by email at sanctions@dfat.gov.au if you think will be making a payment to a designated person or entity.
  
  
• If you identify that you have undertaken an activity in contravention of an Australian sanctions law (including making a ransomware payment to a designated person or entity) without a permit to do so, please notify the ASO immediately via the Contact Us form on Pax or by email at sanctions@dfat.gov.au.
  
  
• You can also contact IDCare, a not-for-profit organisation providing support to those experiencing identity and cyber security concerns.
  
  
• If you’re an ANZ customer, you can report fraud or suspicious activity in multiple ways, such as through the ANZ app or by calling us.
  
  
• Contact your bank immediately if you’ve shared financial information or transferred money. If you’re an ANZ customer, contact us immediately to report the fraud. 
  
  
• If you shared credit card details, ‘block’ or cancel those cards immediately. If your cards are with ANZ, you can report the stolen card through the ANZ app or by calling us.