How Does Malware Get Installed on a Computer


Most malware gets installed doing seemingly normal activity

Common types of malware delivery techniques:

  • Security MalwareSoftware updates - Malware posts invitations inside social media sites, inviting users to view a video. The link tries to trick users into believing they need to update their current software to view the video. The software offered is malicious.

  • Banner ads - Sometimes called "malvertising," unsuspecting users click on a banner ad that then attempts to install malicious code on the user's computer. Alternatively, the ad directs users to a web site that instructs them to download a PDF with heavily-obscured malicious code, or they are instructed to divulge payment details to download a PDF properly.

  • Downloadable documents - Users are enticed into opening a recognizable program, such as Microsoft Word or Excel, that contains a preinstalled Trojan horse.

  • Man-in-the-middle -Users may think they are communicating with a web site they trust. In reality, a cybercriminal is collecting the data users share with the site, such as login and password. Or, a criminal can hijack a session, and keep it open after users think it has been closed. The criminal can then conduct their malicious transactions. If the user was banking, the criminal can transfer funds. If the user was shopping, a criminal can access and steal the credit card number used in the transaction.

  • Keyloggers - Users are tricked into downloading keylogger software using any of the techniques mentioned above. The keylogger then monitors specific actions, such as mouse operations or keyboard strokes, and takes screenshots in order to capture personal banking or credit card information.

Order Security ManualDownload Security Table of Contents

Infrastructure Strategy Electronic Forms CIO Policy Bundle IT Job Descriptions