Skip to content Accessibility

Attention! Investment scams are spreading. See more at: Investment fraud

How to recognise malware?

Malware is software designed to harm your device. For example, to encrypt data and charge you for unlocking it, use the power of your computer for mining cryptocurrency (for someone else’s benefit), steal information from your device or connect your device to a botnet to use it in subsequent attacks.

Malware

The most common way your device can be infected with malware is by opening an attachment or link in an email or a message. Malware-infected emails are in constant circulation, and every one of us has probably received an email or message intended for an attack, which directs you to click on an attachment or a link urgently. You should be careful with all emails and messages, even if they are from a well-known and trusted organisation or a friend. Read more about phishing emails here: Phishing.

Malware can be attached to an email or a message as an attachment or a link. Nowadays, malware can be hidden inside all types of files (Word, Excel, PDF, ZIP, JPG, PNG, etc.); surprises can also be hidden behind links, especially tiny URLs, so by clicking on an unknown file or a link, you could install malware on your computer.

There is a high risk of being infected with malware on websites that offer something for free that is usually a paid service, such as sports broadcasts, films, games, videos, etc. If you are on the hunt for free films, TV series, or broadcasts, be aware that sharing them is someone’s business where the commodity is not the film – it is your computer. If a website claims that you need to install a codec or other special software to view the content, it is very likely malware.

How can I avoid being infected with malware?

  • Keep your device as technologically secure as possible:
    • Use anti-malware software (antivirus software) on your device. Today, most popular operating systems include antivirus software – keep this functionality enabled on your device.
    • Set your device to automatically update the operating system and applications.
    • Download software only from the official app store of the manufacturer (Google Play, Apple App Store, Microsoft Store) and make sure you are using the latest version.
  • It is very easy to forge emails and text messages and send them posing as people you know. Be very careful with emails and text messages sent to you or links and files sent in messaging apps:
    • Only open the files and links you expect to be included in an email. Do not open files or web links in your computer that came with an unknown email – this is how malware spreads.
    • Check the link – does it take you to the page you want? Be particularly careful with tiny URLs, as it is not immediately obvious if the link is suspicious.
    • If a file or a link comes from someone you know who does not usually send them, use another channel to ask them about it.
    • If there is a link in the email to log in to a site, look up the site in a search engine and log in to your account through the official channel. If you have any doubts, call the customer service of the organisation at the phone number found on the official website and ask for more details about the message you received. Clicking on the link that accompanies the email could lead to the attacker’s site.
  • However, do not enter sensitive information or allow anything to be installed or downloaded into your device if you do click.

What should you do if you suspect malware?

  • You can suspect that your device has been infected with malware when it is operating differently than usual: it has new unknown programs, pop-up windows appear, the device has become slower, the battery is draining faster, etc.

  • If you suspect a malware infection, you should not use your computer or other smart device or connect the device with a network until it has been checked and the malware has been removed.

  • In order to check for suspected malware, the device should first be scanned with an antivirus program (for example, the Microsoft Defender software is available for Windows). If the antivirus software on your device does not show any malware but you still suspect malware, the safest thing to do is to reinstall the operating system in your device. In this case, all the files on the device will be deleted, meaning that files that need to be stored (photos, documents, etc.) should be saved to an external hard drive or elsewhere while taking into account the risk of moving infected files along with them.

  • If, for any reason, you still need to use the device, you should remove it from the network and assume that any data on the device and any external media connected to the device may have been corrupted (compromised). If the device is still connected to the network, you should assume that any data entered (such as passwords) will reach the attacker.

  • Any passwords stored or used in the suspect device must be changed. For example, if a user is logged into Facebook or Gmail on several different devices, they will have to log out on all devices after changing the passwords (feature: Log off from all devices). You can then log into trusted devices with a new password and should also use two-factor authentication (2FA).

  • If the device with suspected malware also stores bank card details, the bank should be informed of the possible leak and, if necessary, you should order a new card. You can also request new PINs for your ID card and Smart-ID. Please note! RIA does not recommend storing passwords and bank card details in a web browser – you should use a password manager instead.

  • If necessary, contact an IT specialist, a relative, or an acquaintance who is good with computers.

  • If you are a victim of account hijacking, ransomware, fraud, or other computer crime, contact the police and report the incident to the CERT-EE department of the Information System Authority.

Videos

1:30 min

Malware Prevention

Other topics

Security of smart devices

Secure remote work
Read more