Spotting the Difference: Malware vs. Virus vs. Spyware

May. 28, 2020

2:00-2:30AM PST

In order to ensure that your data, or your business’s data, is sufficiently protected against advanced threats, it is vital to understand the different methods of hacking-based attacks that may arise. Advanced threat protection (ATP) is a designation for “security solutions that defend against sophisticated malware or hacking-based attacks targeting sensitive data.” ATP is available in the form of both managed services and software solutions, and can vastly differ in methods and elements. However, more often than not, ATP solutions consist of an integrated approach -- utilizing “endpoint agents, network devices, email gateways, malware protection systems, and a centralized management console to correlate alerts and manage defenses.” ATP systems and strategies are all geared toward keeping users’ data and other sensitive information secure.

However, it is important to note that there are varying degrees of protection when it comes to ATP. Most are familiar with antivirus software, but “a proper antivirus recognizes and defends against any kind of software that's designed with malicious intent, not just viruses.” Due to the fact that it is incredibly difficult to monetize viruses, “the vast majority of malicious programs aren't viruses.” This necessitates full-service malware protection services that will protect against a slew of different threats, in all of their many forms.

What is Malware?

Malware is a type of “software that is specifically designed to gain access to or damage a computer, usually without the knowledge of the owner.” Malware can take a variety of forms -- from spyware to viruses, to ransomware and worms, to trojan horses and adware, etc. Experiencing heightened popularity, malware is a means for money to “be made through organized Internet crime.” Utilized for economic gains, vandalism, and the destruction of targeted machines, malware can be incredibly detrimental to both you and your devices. 

In order to prevent any variety of malware from affecting your device and derailing your work, harming your data, or causing undue economic distress, multi-layered malware protection safeguards are advised -- “along with high-level network visibility and intelligence.”

What is a Virus?

A device can “contract” a virus “when the user launches an infected program or boots from an infected disk or USB drive.” With the ability to give rise to grave technological damages, a computer virus is “a type of [malware, or] malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another.” Much like the type of virus that a human may fall victim to, viruses plaguing technological devices are “designed to spread from host to host,” all while continuously evolving and replicating. However, in order to reproduce, such viruses must live through files, documents, etc.

What makes viruses so frightening is their ability to remain hidden, lying dormant “until circumstances cause the computer or device to execute its code.” And once a virus latches onto one device, it can easily travel to other devices on that same network. Although some viruses are benign in nature, others are incredibly malicious and can result in the devastating harm of one’s device by “stealing passwords or data, logging keystrokes, corrupting files, spamming your email contacts, and even taking over [one’s] machine.” There are several methods in which a virus can spread from device to device, including, but not limited to illegitimate app downloads, audio and video files, “email and text message attachments, Internet file downloads, and social media scam links.” 

There are many possible symptoms of a virus plagued device:

In order to protect your device from viruses, it is advised to be extremely cautious when “surfing the web, downloading files, and opening links or attachments.” Scanning email attachments and files downloaded from file-share drives will also help to avoid viruses. Moreover, steering clear of file attachments that contain executables, like “a file with an extension like EXE, COM or VBS” will help to prevent viruses because “an executable can do any sort of damage it wants.” Whether to achieve a thrill, bragging rights, destruction, or cashflow -- those creating viruses have the power to cause physical damage to your device, as well as to provoke real economic or productivity loss for a user and/or their business.

What is Spyware?

As the name suggests, spyware is a type of malware that takes the form of “software that spies on your computer and steals your passwords or other personal information.” In addition, through the use of spyware, hackers may “literally spy on you by peeking through your computer's webcam.” Throughout the past several years, spyware has experienced a surge in popularity, resulting in the inclusion of antispyware elements in many of today’s antivirus software options.

Easily infecting devices and often hard to pinpoint, spyware “is one of the most common threats on the internet” and can affect a variety of devices -- ranging from iPhones to PCs. Certain activities may leave your device vulnerable to spyware, like “accepting a prompt or pop-up without reading it first,” “downloading software from an unreliable source,” “opening email attachments from unknown senders,” or even “pirating media such as movies, music, or games.” However, if your device is experiencing a spyware issue, it can often be immensely difficult to recognize. Spyware is, by nature, “deceptive and hard to find.” If your device slows or crashes out of the blue, begins running low on hard drive space, or experiences pop-ups whether online or offline, it is very possible that it may be infected with spyware.

Spyware can take four different forms:

Although harmful, spyware can be removed and prevented. Using reputable anti-spyware solutions, refraining from opening emails or downloading files from unknown sources, and avoiding interactions with pop-up advertisements will help prevent spyware issues.

In Conclusion

Through consistent network scanning, careful measures, and full-scale malware protection services, you can avoid any and all forms of malware. Although malware will almost certainly plague all devices in varying degrees at some time or another, the right antivirus software will keep your data, money, files, and devices safe and secure.

References

Fenlon, Wesley. “How Computer Viruses Work.” HowStuffWorks, HowStuffWorks, 1 Apr. 2000, computer.howstuffworks.com/virus7.htm.

Lord, Nate. “What Is Advanced Threat Protection (ATP)?” Digital Guardian, 11 Sept. 2018, digitalguardian.com/blog/what-advanced-threat-protection-atp.

“Malware 101: What Is Malware?” Official Site, us.norton.com/internetsecurity-malware.html.

Rubenking, Neil J. “Viruses, Spyware, and Malware: What's the Difference?” PCMAG, PCMag, 27 Nov. 2018, www.pcmag.com/how-to/viruses-spyware-and-malware-whats-the-difference.

“What Is A Computer Virus?” What Is A Computer Virus?, us.norton.com/internetsecurity-malware-what-is-a-computer-virus.html.

“What Is Malware? - Definition and Examples.” Cisco, Cisco, 16 Apr. 2020, www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-malware.html#~how-malware-works.

“What Is Spyware? And How to Remove It.” Official Site, us.norton.com/internetsecurity-how-to-catch-spyware-before-it-snags-you.html.

Try Trustifi Today

For Individuals

Our Free Trial Is Forever Free

For Business

See if Trustifi Is Right for Your Organization

Microsoft Open Sources its Coronavirus Threat Data

May. 20, 2020

10:00-10:00AM PST

Cybercriminals have been busy in the last couple of months, using the COVID-19 pandemic to hack people and companies. Microsoft decided to open-source its data about these cyber threats in order to better combat cybercriminals and look for ways to protect vulnerable users. The hope is that by sharing this information, they can get a better view of the techniques hackers are using and help defend better against cyberattacks.

Increases in Attacks

In the three months since the pandemic began, there has been an increase in cyberattacks of 600%, and a majority of these have been claims of coronavirus testing, stimulus packages, notifications from the government, and fake pandemic maps.

Cyberattacks in hospitals increased by about 60 percent from February to March. Many of the attacks on hospitals are ransomware, though the software that hospitals are using has been highly successful at blocking these ransomware attacks.

Major Targets

Fraudsters have been sending emails claiming to be from the World Health Organization (WHO) or the Center for Disease Control (CDC) and claiming they have information about the pandemic. These often have malicious links; some even have attachments that claim they have a list of infected people in your area. Others will ask you for a Bitcoin donation to help support research for the virus or want your contact information to send you what they claim to be exclusive information on COVID-19.

Just a few weeks ago, WHO confirmed that approximately 450 email addresses and passwords for active employees were leaked; other groups working on COVID-19 responses also had thousands of credentials leaked.

One group that has been widely targeted is remote workers. "With so many people working from home, remote work software like Skype, Slack, Zoom, and WebEx are starting to become popular themes of phishing lures. We recently uncovered an interesting Skype phishing email that an end-user reported to [Cofense] Phishing Defense Center," Cofense researchers explained. The scammers have been sending out fake videoconferencing notifications aimed at getting access to Zoom and Skype credentials. Hackers have also been infiltrating videoconferences and disrupting meetings.

Spreading Awareness

The software giant has been sharing examples of some of the different phishing emails being used by these hackers on their Twitter in the hope that they can get this information out to more people more quickly.

In a blog post, Microsoft said they have been processing "trillions of signals each day across identities, endpoint, cloud, applications, and email, which provides visibility into a broad range of COVID-19-themed attacks, allowing us to detect, protect, and respond to them across our entire security stack. Today, we take our COVID-19 threat intelligence sharing a step further by making some of our own indicators available publicly for those that are not already protected by our solutions."

Where to Find Indicators

Microsoft released a guidebook for Azure Sentinel Notebooks to help hunt for these attacks, and they assured those with Microsoft Threat Protection that they were protected from the identified threats.

The indicators are available through the Microsoft Graph Security API, in the Azure Sentinel GitHub, and in the MISP feed.

Protecting Yourself

Since Microsoft cannot identify and stop every threat as soon as it appears, you should be prepared to take measures for your own cybersecurity. If you receive an email asking for money for research for the coronavirus, take a moment to scrutinize the message before you click on anything or give them anything. If you receive emails that claim to have pandemic maps or special information about the IRS stimulus checks, it is highly likely the email is a phishing scam.

It is a good policy to not click on anything unless you are 100 percent sure that it is from a source you can trust. If it seems iffy, you can always call the organization the email is supposed to be from to see if they truly sent it to you. Do not download any attachments unless you are sure that it is from who you think it is from; fake attachments often have spyware or malware included that gets to tunnel through your computer once you open that attachment.

The steps are simple if you believe your information has been compromised. First, run a virus scan on your computer, change your passwords from a different device than the one you opened the email in, and contact your bank — if your bank account was jeopardized.

One way to feel safer when you are checking your email is to contact an email security service that can give you an extra layer of protection.

 

References

ARSENE, Liviu. “Global Ransomware and Cyberattacks on Healthcare Spike during Pandemic.” Bitdefender Labs, 14 May 2020, labs.bitdefender.com/2020/05/global-ransomware-and-cyberattacks-on-healthcare-spike-during-pandemic/.

Davis, Jessica. “New COVID-19 Phishing Campaigns Target Zoom, Skype User Credentials.” HealthITSecurity, HealthITSecurity, 27 Apr. 2020, healthitsecurity.com/news/new-covid-19-phishing-campaigns-target-zoom-skype-user-credentials.

Dowdell, Sophie. “600% Increase in COVID-19 Related Phishing Attacks.” IT Security Guru, 16 Apr. 2020, www.itsecurityguru.org/2020/04/16/600-increase-in-covid-19-related-phishing-attacks/.

“Open-Sourcing New COVID-19 Threat Intelligence.” Microsoft Security, 14 May 2020, www.microsoft.com/security/blog/2020/05/14/open-sourcing-covid-threat-intelligence/.


Expensive—and Preventable—Data Breach Hits Altice

March 11, 2020

10:00-11:00AM PST

Another major company has announced that it has fallen victim to a major data breach. Alarmingly, internet service, phone and cable provider Altice USA was breached through an attack that used an extremely common malicious email technique.

Criminals used a phishing email that was sent to an Altice employee in Long Island, New York. When the employee clicked on a link, it gave thieves access that enabled them to download the Social Security numbers, birth dates and other personal information of all 12,000 current employees, as well as a number of former employees and customers across the 21 states it serves.

Data Breaches through Phishing Emails

What makes this data breach alarming is that phishing email attacks—like the one that was used to initiate this break-in and theft—are exceedingly common. The average U.S. employee gets 16 malicious emails a month. Without training and software that protects email, it is only a matter of time before one of those emails wreaks havoc.

Such data breach attacks are exceedingly costly:

  • Altice had to hire a computer forensics company to figure out what happened and determine the extent of the damage.
  • It has paid to train employees on how to better recognize a malicious email and what to do with suspect email.
  • The company must cover the cost of credit monitoring services for everyone compromised.
  • As a New York company, Altice is subject to the new SHIELD Act that imposes fines and other legal obligations.

And it doesn’t stop there. Add in the damage to the brand, and you have a major loss; one that was extremely preventable.

Phishing Email Data Breaches Are Preventable

Phishing email attacks that initiate data breaches are indeed preventable. Solutions are available that scan inbound email traffic in real time. These solutions compare incoming emails against blacklisted entities, scrape and analyze the emails for malicious links and attachments, quarantine suspected emails, and then detonate them in protected spaces not connected to networks, where they can do no harm. The most sophisticated systems use machine learning to enhance threat detection.
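The inbound checks described above, as an added example (not code from this article or from any Trustifi product): a blocklist lookup on sender and link domains, a test for link text that shows one host but points to another, and an executable-attachment check, ending in a quarantine decision. The blocklist entries, domains and sample message are constructed for illustration; sandbox detonation and machine learning are outside its scope.

```python
import os
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

BLOCKLISTED_DOMAINS = {"bad-sender.example", "malicious-links.example"}  # constructed
EXECUTABLE_EXTENSIONS = {".exe", ".com", ".vbs"}  # extensions named on this page
# Visible link text that itself looks like a host name or URL.
URLISH = re.compile(r"^(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)(?:[/:?#]\S*)?$", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def is_blocklisted(domain):
    """True for a listed domain or any subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in BLOCKLISTED_DOMAINS)

def triage(raw):
    """Return (verdict, reasons) for one raw message; any reason means quarantine."""
    msg, reasons = message_from_string(raw), []
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if is_blocklisted(sender_domain):
        reasons.append(f"blocklisted sender domain: {sender_domain}")
    for part in msg.walk():
        filename = part.get_filename()
        # splitext keeps only the last extension, so "invoice.pdf.exe" is caught.
        if filename and os.path.splitext(filename)[1].lower() in EXECUTABLE_EXTENSIONS:
            reasons.append(f"executable attachment: {filename}")
        if filename or part.get_content_type() != "text/html":
            continue
        body = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        collector = LinkCollector()
        collector.feed(body)
        for href, text in collector.links:
            target = (urlparse(href).hostname or "").lower()
            if is_blocklisted(target):
                reasons.append(f"blocklisted link target: {target}")
            shown = URLISH.match(text)
            if target and shown and shown.group(1).lower() != target:
                reasons.append(f"link text shows {shown.group(1)} but points to {target}")
    return ("quarantine" if reasons else "deliver"), reasons

def build_sample():
    """Constructed phishing-style message used to exercise triage()."""
    m = EmailMessage()
    m["From"] = "IT Support <helpdesk@bad-sender.example>"
    m["Subject"] = "Password reset required"
    m.set_content("See the HTML version.")
    m.add_alternative('<a href="http://login.malicious-links.example/reset">'
                      'portal.corp.example/login</a>', subtype="html")
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="octet-stream", filename="invoice.pdf.exe")
    return m.as_string()
```

Calling `triage(build_sample())` returns a quarantine verdict with four reasons, one for each check the sample message trips.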

Because phishing, spoofing, malware, and other threats require human participation, the best systems provide warnings as to the presence and nature of threats. Training on how to recognize and respond to malicious email attacks is a vital part of protecting systems, data, employees and customers.

Also Protect What You Send

Criminals are looking to break into the emails you send, too. Your outgoing email traffic is equally at risk for data breaches as the email your company receives. Solutions that encrypt outgoing mail, even on mobile devices, provide a needed layer of security.

As we were wrapping up this article late this afternoon, it was announced that Altice is now the subject of a class action lawsuit. The suit filed today is likely the first of many for Altice following this data breach. Unfortunately for Altice, the costs keep mounting—all from a data breach initiated through email that was preventable with a small investment in software and training.


Trustifi Live Stream: How to Protect Your Business from the Hacking Cyber-Apocalypse

Oct. 28, 2017

10:00-11:00AM PST

Equifax. Deloitte. Yahoo. In the past few years, we’ve seen the rise of some of the worst cyberattacks in recent history. The sheer scope of these hacks has affected business and consumer confidence throughout the whole world. Imagine the most sensitive, confidential and private information, on display to the public – or worse yet – sold to the highest bidder. Private passwords, SSNs, medical records, bank statements, credit reports, contracts, anything of value to the right set of eyes is now up for grabs.

The threat of a cyber-apocalypse has finally become a clear and present danger to all of us, in any industry. In a special live streaming event, happening on Tuesday, October 31st, Trustifi CEO Idan Udi Edry will deliver a webinar on what individuals and companies can do to protect themselves from this very real threat.

A properly executed hack of an email server can dismantle businesses, destroy reputations and end livelihoods. The webinar will focus on what companies and individuals can do to protect their information through intensive email security, in the light of these recent cyberattacks.

Trustifi, one of the most groundbreaking encrypted email providers in the industry, specializes in protecting corporations of any size. To sign up for Trustifi’s free 7-day trial, click here.

 

Trustifi does much more than just email security. Email tracking, certified email, and eSignature are just a few of the state-of-the-art services Trustifi provides. If you’re looking for a personalized demo, customized to your needs, click here.


1 of 3 Part Email Dangers Blog Series: Business Security – Vendor Exposure

By Trustifi on Apr 18 2017

Certain industry types require extra security and data sensitivity. When you make your career in one of those fields you get used to certain standards when it comes to protecting the data that you process. But even the most diligent of us can inadvertently overlook securing sensitive information, or think the document that we’re emailing internally is relatively innocuous and not worthy of protecting.

In this four-part series, we’ll be talking about what you should be securing, encrypting, and tracking so that you can protect yourself, your business, and your clients.

What You Need to Know About Exposure — from Your Vendors

At every level of the organization, as long as an employee is picking up the phone, or sending and receiving emails, that employee is making security decisions for the organization every day. Despite the sophistication of technology and the cybercriminals that employ its use, old-fashioned social engineering is still the go-to resource for infiltrating an organization.

Let’s take a look at how a cybercriminal might use LinkedIn to breach your organization.

LinkedIn is actually one of the biggest resources for criminals seeking to subvert a company’s security. The nature of LinkedIn is for its users to remain open so they can be searched for by business connections, clients, and vendors. But that openness also exposes organizations to attack. The larger an employee’s social network grows as they build connections, the greater their risk of attack.

LinkedIn also makes it incredibly easy for a cybercriminal to impersonate a legitimate connection. Let’s say that you work for Acme Optics. Acme Optics has its own LinkedIn corporate page, so it’s fairly easy to determine what kind of service Acme Optics provides and what connections it’s making with other organizations, such as vendors and procurement sources (and remember — those connections are still made by humans at the ends of the terminals).

Our cybercriminal — we’ll call him Vlad — figures out that you work for Acme Optics, determines that Acme Optics gets its lenses from Shine Glass, and sends you a spoofed email from Shine. In three relatively simple steps, Vlad has convinced you to open an email and unknowingly download malware to your internal network.

One of the more insidious ways that Vlad may hurt your organization’s bottom line was discovered during the Yahoo breach, where auto-forward was turned on for thousands of accounts. These “set it and forget it” settings — that almost no one checks regularly — set Yahoo users up for years of exposure. Everything from grandma’s cookie recipe to last year’s tax filings was being auto-forwarded to hackers.

And that’s relatively easy to do on company servers, too — once you’ve been let in the back door via malware.

Fortunately, you can protect yourself and your organization by requiring that your vendors send any attachments through a secure email lifecycle solution. By utilizing a secure solution, you can be assured that you and your vendors are protected through end-to-end secure email, lifecycle tracking, and dual validation technology.

Also, remember to “trust but verify.” Despite your familiarity with a vendor, even our most trusted associates are open to being spoofed. Vlad is depending on your trust to open that email. If you’re not sure why your vendor is sending you an attachment, pick up the phone and call to confirm that your vendor sent you an email. An ounce of prevention is worth a pound of cure.

 
