The first step in protecting ourselves and our digital devices is to learn about the types of threats available. The second important step is to know in what ways these threats have infiltrated our computers, smartphones and tablets. Cybersecurity firm ESET shares the most common infiltration and malicious code tactics.
Phishing and malicious emails
The main purpose of phishing emails is often to capture sensitive information such as your credentials, credit card verification code, PIN code that you use to access various services. These e-mails can impersonate an e-mail from a trusted institution and contain attachments that could infect your device with malware. For this reason, you should always read your e-mails in detail. So you can catch hints of fraud most of the time. Often typos, emergency alerts, requests for personal information, or messages from a suspicious domain give a clue.
Cybercriminals use a domain name that is very similar to the websites of famous brands or organizations, creating fake websites with tiny differences, such as a single letter or word being different. These websites contain links that the targeted person can click to download the malicious software to the device.
To prevent malware infecting your device from such websites, always search for the website by typing the official website yourself in the search engine or address bar. Let us remind you once again that a suitable security solution will also prevent you from accessing harmful websites.
USB flash drives
External storage devices are widely used, but these devices pose many risks. Keyloggers or ransomware can infect your device when a malware-infected drive is inserted and opened. To reduce the possibility of infection, you should use a reliable and up-to-date edge protection security solution that will scan all external media connected to your device and notify you of any suspicious situation.
P2P sharing and torrents
Peer-to-peer sharing and torrents are renowned as a place where games can be downloaded illegally, while developers use this method to distribute open source software or musicians to spread their songs. But P2P sharing and torrents are also notorious for being used by bad people who add malicious code to the file. ESET researchers revealed that the Tor network is being abused to spread the cryptocurrency KryptoCibule virus. To minimize the risk of being compromised, you should use a reliable Virtual Private Network (VPN) to encrypt your traffic and protect it from malicious people.
You may come across software that has been directly compromised by cybercriminals. A good example of this is that CCleaner application has been compromised.
In these attacks, cyber crooks place the malware directly into the application and use the application to spread the malware. Since CCleaner is a well-known application, the user can download the application without the need for a thorough review. However, you should be careful when downloading software, even if it is reliable software. It is also important to regularly update your apps and install patches. Security patches protect you from leaks or gaps in infected applications.
Some websites have various advertisements that appear immediately each time you access them. The purpose of these ads is to generate revenue for these websites, but they can also contain various types of malware. By clicking on the ads, you can unwittingly download the malware to your device. Some ads may even tell users that their device is compromised and the only solution is to use the virus removal app included in the ad. However, this is never the case. You can block most adware by using a reliable ad-blocking extension in your browser.
The last item on this list is about fake mobile apps. These apps often pretend to be real apps and try to get victims to download these apps to their devices, thereby violating them. They can impersonate any app by acting like smart wristbands, cryptocurrency apps or Covid-19 tracking apps. But many times, victims download various malware such as ransomware, spyware or keyloggers onto their devices instead of the promised service.
You should be careful to use apps with tracking logs and comments from trusted developers on your devices. Also, keeping track of updates helps protect against threats that try to exploit vulnerabilities that may exist in older versions of apps.