Common Malware Threats, And How to Mitigate Them

Common Malware Threats, And How to Mitigate Them

Common cyber-security attacks, how to spot them andpreventative measures

Cyberattacks appear in many guises and recognising the most common malware can help youto ensure that you are taking the correct precautions to safeguard yourbusiness from costly downtime. Here’s our guide to some of the most commonattacks, their symptoms and preventative measures.


A virus might corrupt, stealor delete data – including passwords; wipe an entire hard drive, hijack yourbrowser or disable security settings. Symptoms of a virus include slow computerboot-up, independent restarts, or repetitive crashes. Disappearing data, filesor programmes are a red flag, as is an unexpected change to your internetbrowser’s homepage.

Often highly infectious,this type of attack spreads through your network and connected computers. Downloadedunwittingly via a malicious website or online advertising banner and carriedvia emails to other networks; this type of attack can blight your entire supplychain.

Anti-Virus programmes willprotect you from the majority of virus dangers but, just like the common cold,they quickly evolve so you can never be 100% safe. Larger enterprises caninstall a second security layer to mitigate risks by spotting and blockingmalicious servers and web traffic. These systems can also be programmed toautomatically respond to breaches; for example, by shutting down networksegments or disconnecting individual computers and devices.


Ransomware restricts accessto files and displays a message that demands payment in return for theirrelease; the threat being permanent deletion of the files if the payment is notmade. Often this message indicates that the action has been taken by anofficial body, such as the police, and that failure to pay the fine will resultin prosecution. The WannaCry attack on the NHS in 2017 is a high-profileexample.

Never pay the ransom (it isunlikely that files will ever be released). This threat is likely to require supportfrom an IT engineer and, in some rare cases, the ransomware can be removed,data recovered, and the machine repaired. The more likely scenario will rely onback-ups; so, it’s important to have a recovery plan in place, back-up yourfiles regularly and routinely test your back-ups.


Phishing scams attempt totrick a victim into giving out personal information such as bank details; oftenvia phone, email or text and with a message that appears to be from alegitimate source. Successful attacks can lead to significant financial loses.There are various, more sinister forms of phishing, and scammers are gettingever-more imaginative – a few examples;

•Spear Phishing: the perpetrator poses as colleague, customer or anothertrusted person, usually guiding the victim to a malicious website where theywill download malware onto their computer.

• CEO Fraud (sometimes called ‘Whaling’): the attacker poses as a CEO or senior manager to target an individual in the business with an urgent request to transfer funds or confidential information.

The best protection against phishing is to educate your employees to spot and respond appropriately to suspicious activity. There are also programmes available on the market that can support prevention, such as by flagging suspicious-looking email addresses and messages sent from external sources, quarantining suspicious URLs and filtering attachments.

Prepare for the worst and hope for the best

This is far froman exhaustive list of malware; scammers are increasingly imaginative andtherefore it’s vital to have anti-virus programmes installed, and a robustrecovery plan in place should the worst happen. Best practice dictates thatregular scanning of your infrastructure for malware is a must, as ismaintaining back-up processes whilst keeping on top of security patches andsoftware updates.

Get in touch

The Systems Assurance team is on-hand when you need to review and update your malware security systems and ensure that your business and data are as safe as they can be. Give us a call on 0114 292 2911.

Subscribe to our blog…

We will only use your email to send you new blog posts.