Empowerment Technology

Online Threats:
Common Types of
Malwares.

A presentation by:
Hit Me App
Malware

What is Malware?
1
Malicious software that is deployed by a
threat actor to wreak havoc on an
organization or individual.

Malwares are found

2 in:
Attached to emails, embedded in fraudulent
links, hidden in ads, or lying in-wait on
various sites that you might visit on the
internet.
How does Malware
3
operate and its goal:
Take one click and can be installed itself and
begin to execute its program.

To harm or exploit computers and networks,

often to steal data or money.
Common Types Of
Malware Attacks
1.

Adware:

Commonly called “spam” it serves unwanted or

malicious advertising. While, relatively harmless,
it can be irritating as adware hamper your
computer’s performance.

To defend against adware, ,make sure you keep

your operating system, web browser updated.
2.
Fileless Malware:

Unlike traditional malware, which uses executable

files to infect devices, fileless malware doesn’t
directly impact files or the file system. Instead, this
type of malware uses non-file objects like Microsoft
Office macros, PowerShell, WMI, and other system
tools.

Because there’s no executable file, it is difficult for

antivirus software to protect against fileless
malware. The best way to limit what fileless malware
can do is to limit users’ credentials.
3.
Viruses:

A virus infects other programs and can spread to

other systems, in addition to performing its own
malicious acts. A virus is attached to a file and is
executed once the file is launched. The virus will
then encrypt, corrupt, delete, or move your data and
files.

To defend against viruses, an enterprise-level

antivirus solution can help you protect all your
devices from a single location while maintaining
central control and visibility.
4.
Worms:

Like a virus, a worm can duplicate itself in other

devices or systems. Unlike viruses, worms do not
need human action to spread once they are in a
network or system. Often attack a computer’s
memory or hard drive.

To protect yourself against worms you should make

sure every device is updated with the latest patches.
Technology like firewalls and email filtering will also
help you detect files or links that may contain a
worm.
5.
Trojans:

A trojan program pretends to be a legitimate one,

but it is in fact malicious. A trojan can’t spread by
itself like a virus or worm, but instead must be
executed by its victim, often through social
engineering tactics such as phishing.

Security awareness training is crucial for protecting

against trojans, as employees are both the targets
and the first line of defense against these kinds of
attacks.
6.
Ransomware:

-Considered as “scareware” as it forces users to pay

a fee by scaring or intimidating them.
-Disables victim’s access to data until ransom is
paid. If ransom isn’t paid by certain deadline, the
threat actor threatens to delete or release the
valuable data or sell it on the dark web.
-Security awareness training can help users detect
and prevent suspicious activity.
7.
Spyware:

-Malicious software designed to enter your

computer device, gather data about you, and
forward it to a third party without your consent.
-Software that install itself on your computer and
starts coventry monitoring your online behavior
without your knowledge or consent.
-Antivirus software, training employees and
employing multi-factor authentication can be used
to prevent spyware or the resulting credential theft.
8.
Rootkits:
-Rootkits were not originally designed as malware,
but they have become a common attack vector for
hackers. A rootkit allows a user to maintain
privileged access within a system without being
detected.
-Can allow hackers to use your computer to launch
DDOS attacks or send out spam email.
It gives hackers remote control of victim’s device.
-To prevent rootkits from doing damage,
organizations need to revoke privileged access and
employ a zero trust approach, where ever used must
be verified.
9.
Keyloggers:
-is a type of spyware that monitors user activity.
Keyloggers have legitimate uses; businesses can use
them to monitor employee activity and families may
use them to keep track of children’s online
behaviors.
-when installed for malicious purposes, keyloggers
can be used to steal password data, banking
information and other sensitive information.
Keyloggers can be inserted into a system through
phishing, social engineering or malicious
downloads.
-To prevent this use Two-factor authentication.
10.
Wiper Malware:

-A wiper is a type of malware with a single purpose:

to erase user data and ensure it can’t be recovered.
-Wipers are used to take down computer networks
in public or private companies across various
sectors.
-To prevent wiper malware regularly update your
important data and monitor changes in your
devices.
Thank you for listening!