Malware: Beware of viruses, worms & trojans!

Safe surfing

Malware burrows into your computer, laptop or smartphone. Through it, third parties can access your system and steal or manipulate your data without being noticed. Updates, the latest antivirus software, and a bit of caution when using the internet and email can protect you.

Malware in emails or on the internet

Malware refers to computer programs that carry out unwanted actions on your computer, laptop or smartphone. The main types are viruses, worms and trojans. They are programmed for a variety of purposes: spying, theft of information or money (online banking), and much more.

Over 500,000 new malware programs are discovered every day (source: Virustotal). In most cases, a system becomes infected through an email or while you are surfing the internet. Particular care should be taken with downloads or links in email attachments or files on questionable websites.

Worm

A worm is a program that copies itself to another computer (independently executable). A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.

Computer worms can arrive as attachments in spam emails or instant messages. Once opened, these files can provide a link to a malicious website or automatically download the computer worm.

Worms can modify and delete files, and they can even inject additional malicious software onto a computer. Sometimes a computer worm’s purpose is only to make copies of itself over and over — to overload a device or network. In addition to wreaking havoc on a computer’s resources, worms can also steal data and allow a hacker to gain control over a computer and its system settings.

Trojan

A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general inflict some other harmful action on your data or network.

A Trojan seeks to deceive you into loading and executing the malware on your device by acting to be a desired game or the song you like so much. You might also for example think you’ve received an email from someone you know and click on what looks like a legitimate attachment. But you’ve been fooled. The email is from a cybercriminal, and the file you clicked on — and downloaded and opened — has gone on to install malware on your device.Once installed, a Trojan can perform the action it was designed for.

Trojans usually are employed by cyber-thieves and hackers trying to gain access to users' systems. They can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system.

Virus

A computer virus (Latin virus, poison, Schleim ‘) is a self-propagating computer program, which infiltrates into other computer programs and thus reproduces itself. The classification as a virus refers here to the distribution and infection function.

Once started, it can make uncontrollable changes to the status of the hardware, the operating system or other software (damaging function). Computer viruses can interfere with computer security by the creator desired or unwanted functions and count to Malware.
The term computer virus is colloquially also used for worms, ransomware, rootkits, spyware and trojans, since there are often mixed forms and for users the difference is barely recognizable.

«Over 500,000 new malware programs are discovered every day.»

How we can protect ourselves against malware:

1. Install updates

Updates minimise security loopholes for malware. Programs and operating systems are constantly improving: prettier designs, more features and often improved security. You can access these improvements by installing an update on your devices. More information.

2. Check email attachments and links

Be sceptical about emails from senders you don’t recognise. You should also be mistrustful of emails from people you know that have unusual content. Don’t download attachments and don’t click on links in emails that look strange to you. Call and ask if you have any doubts. More information.

3. Install antivirus software

Use antivirus software and always keep it updated.

4. Only accept downloads from trustworthy websites

If you want to download a program from the internet, download it from the manufacturer’s website. Always check the internet address and page information.

How does my device get infected with malware?

Email attachments and links

You receive an email with an attachment or a link. The attackers want you to open or download a document or click on a link to install malware on your device. Here are three typical methods used to manipulate you:

Threat – you forgot to pay a bill (check the attachment!). You signed a contract.

Curiosity – a whistleblower is passing secret information on to you. Someone is accidentally informing you of salaries or strategies. A video that supposedly shows you.

False identity – Julian Assange, a service provider, a collection agency, a major bank, a well-known company or an applicant.

Fake updates and programs

You’re browsing a website and suddenly a pop-up appears and asks you to install an update – for Firefox, Chrome, Edge, or something similar. Or you’re asked to download Adobe Flash Player or another ‘special’ player.

Usually, you’re told that you can’t keep browsing or can’t keep using the website’s services without the update or the player. The attackers are pressuring you.

Updates are important, but usually automatic. Only trust update messages from your operating system itself or from programs, never from pop-ups on a website.

Download from a fraudulent website

There are fraudulent websites that imitate the sites of well-known companies to appear trustworthy. They lure internet users looking to download a specific program or film to their page. Even Google/Bing search results, especially advertising links, are not always an indicator of reliability.

You often get what you were looking for – plus some malware. You don’t even notice that your device has been infected.

Do you believe your device has been infected? Don’t panic.

Disconnect from the internet.
Did you download a document or program? Delete it.
Start your antivirus software.
Talk to your IT department if possible.
Use the Malware Scanner.

How can you tell if your device has been infected? Possible signs:

Your antivirus software reports an infection.
Error messages when starting or shutting down the computer.
Your computer no longer runs stably, and crashes frequently.
Slow system, constant load on the RAM and/or processor, constant hard drive activity.
Antivirus software is disabled (even after you explicitly activated it).
The website of one or more antivirus software providers can no longer be reached.

You can find more information at ‘e-banking, but secure!’.

Current attack scenarios:

Ransomware

Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.

Ransomware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.

Typical attacks usually ask for $100 to $200. Other attacks seek much more, especially if the attacker knows the data being held hostage can cause a significant direct financial loss to a company. As a result, cybercriminals who set up these scams can make big sums of money.

No matter what the scenario, even if the ransom is paid, there is no guarantee that computer users will be able to fully access their systems again. While some hackers direct victims to pay through Bitcoin, MoneyPak or other online methods, attackers could also demand credit card data, adding another level of financial loss.

Don’t pay the ransom. Keep in mind, you may not get your files back even if you pay a ransom. A cybercriminal could ask you to pay again and again, extorting money from you but never releasing your data.

Scare ware

Scare ware includes programs that are designed to fool the computer user into a danger that does not exist.

The most famous form is counterfeit antivirus software, which indicates that there are countless viruses on the computer. However, to remove the alleged pests, the user should purchase a paid program. The goal is to exploit the fear of computer users and to earn money with the fake anti-virus software.

Spyware

Spyware is a type of malware. It infiltrates your computing device, stealing data and sensitive information.

Spyware is used for many purposes. Usually it aims to track your internet usage data, capture your credit card or bank account information, or steal your personal identity. Spyware is like a mirror for criminals. It monitors your internet activity, tracks your login and password information, and spies on your sensitive information.

Some spyware install additional software or change the settings. It’s important to use secure passwords and keep your devices updated.

Spyware can affect PCs, Macs, and iOS or Android devices. Although Windows operating systems may be more susceptible to attacks, attackers are becoming better at infiltrating Apple’s operating systems as well. Some common ways your computer can become infected:

Accepting a prompt or pop-up
Downloading software from an unreliable source
Opening email attachments from unknown senders
Pirating media such as movies, music, or games

Additional information

Tips to prevent hacking and malware
Schweizerische Kriminalprävention
Current cases in Switzerland
Cantonal Police of Zurich
Internet Schutzbrief
TCS
Information about fake browser updates
MalwarebytesLabs
Information about fake updates for Adobe Flash Player
Mac Security
Malware statistics
Virustotal
Read more about malware infection
e-banking, but secure!

« back to top