In a world that’s increasingly digital, having robust antivirus protection for your valuable data is just as crucial as having a strong lock on your front door.
Every click, every download, and every website we visit is a journey into the infinite possibilities of the internet.
But with each of these interactions, we expose ourselves to the risks of cybersecurity threats. Ransomware, adware, phishing scams, and spyware risks are common villains that lurk in the shadows of the internet, eagerly waiting to disrupt our smooth journey.
In this article, Your Online Choices explores these invisible adversaries and the mighty defences you can deploy to keep them at bay. You’ll:
Understand various cyber threats like ransomware, spyware, adware, and phishing scams.
Realise the critical role of antivirus protection in guarding against these threats.
Learn how antivirus software detects, blocks, and removes threats.
Pick up good online practices like avoiding suspicious links and using strong passwords to improve malware defence.
1 – The Terrifying Reality of Ransomware
Imagine that you’re casually using your computer, perhaps working or just surfing the internet, when out of nowhere, all your files become inaccessible. In place of your data, there’s a ransom demand.
This is the basic idea behind ransomware. It’s a type of malicious software that cybercriminals use to take your data hostage.
Here’s how it typically goes down:
You might accidentally download the ransomware by clicking on a misleading link in an email or a website, or it might sneak onto your computer hidden inside software you think is safe.
Once it’s on your computer, it starts encrypting your files—think of it like putting them into a digital safe, and only the bad guys have the combination.
The ransomware springs its trap. You’ll get a message saying your files are locked, and you need to pay—often in untraceable cryptocurrency like Bitcoin—to get them back.
In Australia, we’ve seen cases like the “Petya” ransomware attack that significantly impacted the operations of Cadbury’s chocolate factory in Tasmania in June 2017.
The attack caused a computer system shutdown that halted production processes at the plant. Instead, the infected computers displayed a notification that required a Bitcoin payment of $300 as ransom.
Once the payment was made, the individuals needed to forward evidence of the transaction to a specified email address.
Though employees reported to work the morning following the attack, operations were still on hold.
In a subsequent SEC filing, Mondelez International, Cadbury’s parent company, revealed that they had incurred incremental costs amounting to $84 million as part of their recovery endeavour.
Below is the statement citing the negative impact on their net revenue growth as well:
Malware Incident
On June 27, 2017, a global malware incident impacted our business. The malware affected a significant portion of our global sales, distribution and financial networks. In the last four days of the second quarter and during the third quarter of 2017, we executed business continuity and contingency plans to contain the impact, minimize damages and restore our systems environment.
To date, we have not found, nor do we expect to find, any instances of Company or personal data released externally. We have also restored our main operating systems and processes and enhanced our system security.
For the second quarter of 2017, we estimated that the malware incident had a negative impact of 2.3% on our net revenue growth and 2.4% on our Organic Net Revenue growth and we also incurred incremental expenses of $7 million as a result of the incident.
We recognized the majority of delayed second quarter shipments in our third quarter 2017 results, although we permanently lost some revenue. On a 2017 full-year basis, we estimated the loss of revenue had a negative impact of 0.4% on our net revenue and Organic Net Revenue growth.
We also incurred total incremental expenses of $84 million predominantly during the second half of 2017 as part of the recovery effort. The recovery from the incident was largely resolved by December 31, 2017 and we continued efforts to strengthen our security measures and enhance general information technology, business process and disclosure controls.
This global attack caused a ripple effect of disruption, proving that ransomware isn’t just an issue for individual users, but for businesses and industries as well.
It’s an invasive and potentially damaging experience, one that antivirus software is specially designed to protect you against.
Antivirus software usually contains a database of known ransomware signatures—the unique identifiers of each type of ransomware. It constantly scans your computer, comparing files and programs to this database.
“Buying antivirus software is like buying insurance: It’s important to make a good choice now just in case you need the assistance later.”
Peter H. Gregory
If it finds a match—say, you accidentally download a file with a ransomware signature—the antivirus software jumps into action. It isolates the file, preventing it from spreading or doing any damage, and then safely removes it from your system.
Moreover, modern antivirus software doesn’t just rely on known signatures. They use sophisticated machine learning algorithms to identify abnormal behaviours or characteristics that might suggest new or evolving ransomware.
This is particularly crucial, given how quickly cybercriminals develop new forms of attack.
Though ransomware attacks are a real and growing threat in our digital world, you’re not defenceless. Take the first step towards fortifying your defences by investing in reliable antivirus software today.
2 – Phishing Scams: A Deep Dive Into Online Fraud
Phishing scams are one of the most common cyber threats out there, using tricks and illusions like email spoofing to steal your credentials. Usually, they will masquerade as a familiar figure, such as a service provider, a bank, or even a colleague in your inbox.
“For the average home-user, anti-virus software is a must.“
Kevin Mitnick
Here’s a rundown of the different disguises they wear:
Caught in the Net: Deceptive Phishing
Deceptive phishing is the most common type. It involves getting an email that seems to be from a well-known company, but it’s not. It’s a scammer in disguise.
They lure you to click a link, which leads to a fake website where they can steal your login details or other sensitive information.
An example is scammers who frequently purport to be from the Australian Taxation Office (ATO). In October 2021, fraudsters emailed individuals, claiming that they were eligible for a tax refund.
They requested that the recipients fill out a form attached to the email with their financial details to facilitate the refund process.
Targeted Attacks: Spear Phishing
Spear phishing attacks are notably more tailored than generic phishing campaigns. Instead of casting a wide net, cybercriminals narrow their focus on specific individuals or companies.
Armed with details—maybe your recent online purchase or a project at your workplace—they craft seemingly genuine emails.
On 9th November 2018, a senior employee at the Australian National University (ANU) received a phishing email from hackers, which a colleague of theirs previewed. This gave the hackers access to the username, password, and calendar of the senior staff member.
They proceeded to send out a series of emails to 10 individuals at ANU, accessing a directory containing emails, phone numbers, and job titles of people at the institution.
As a result, they obtained the username and password of a network administrator. This allowed them to extend their attack.
The university was finally able to kick the hackers out of the network on December 21, though the full extent of the attack was undetermined.
Reeling in the Giants: Whaling
Whaling attacks, as the name suggests, target the “whales” of an organisation: the top executives or high-ranking officials.
These are not your average phishing attempts; they are meticulously planned operations, often involving in-depth research on the target. The endgame usually involves extracting large sums of money or gaining access to sensitive corporate information.
For instance, in 2016, a finance executive at an Austrian aerospace firm FACC AG fell victim to a whaling attack that cost the company over €50 million.
The scammer posed as the then CEO, Walter Stephan, requesting a significant financial transfer for a supposed “acquisition project”—highlighting the grave repercussions of such sophisticated scams.
Along with the financial loss, the organisation let go of the staff involved including the executive who sent the money, the CFO, and CEO Walter Stephan.
During this incident, FACC managed to block €10 million from being transferred. This amount was frozen in various accounts in different countries.
However, in a 2019 interview with the management board, CFO Aleš Stárek revealed that the process of returning the frozen funds to Austria was still ongoing and likely to continue beyond 2020.
This illustrates the crippling consequences of whaling attacks.
Phishing emails can sometimes be hard to spot, but there are a few common signs you can look out for:
Unfamiliar senders: The email comes from someone you don’t know or an organisation you don’t have a relationship with.
Urgent action required: Often, these emails create a sense of urgency, saying you need to act quickly to avoid a consequence like a closed account or a penalty.
Spelling and grammar errors: These are common in phishing emails, as many originate from non-English speaking countries.
Mismatched URLs: If you hover over a link in the email (but don’t click!), the actual URL may be different from the one displayed in the email.
Requests for personal information: Legitimate organisations generally don’t ask for sensitive information via email.
So, how do we protect our privacy and identity? By staying alert. Any email that looks suspicious or comes from an unknown sender should be a red flag. Especially if it has an attachment or a link. Don’t click on it.
Keep your antivirus software updated, too. Antivirus programs help protect against phishing through:
Real-time scanning: Antivirus software continually scans incoming emails for signs of phishing, such as spoofed email addresses or malicious links.
Link evaluation: The software can evaluate the links in an email and alert you if they lead to unsafe websites.
Spam filters: By automatically filtering out spam, many potential phishing emails can be removed before you ever see them.
User alerts: If you accidentally click on a malicious link, antivirus software can detect the dangerous site and alert you before any damage is done.
Regular updates: Antivirus software is regularly updated to recognize the latest phishing techniques and dangerous websites.
Expert Tip: The best protection against phishing is a combination of up-to-date antivirus software and your own awareness and vigilance.
3 – Adware Attacks: The Sneaky Side of Online Marketing
Imagine you’re settling into your chair, ready to unwind after a long day. You’ve got a cup of your favourite tea next to you, and you’re ready to dive into the latest episode of your favourite online series.
You click on the play button, eagerly anticipating the plot twist you’ve been guessing about all day.
But, instead of the opening credits, your screen is overrun with pop-ups.
Ads for irrelevant products are blocking your view, effectively spoiling your moment of relaxation. This is the handiwork of adware.
Adware is malicious software designed to intensively display ads and track user data. Here are some key features to watch for:
Pop-up ads: intrusive, often full-screen ads that appear when browsing websites or using applications.
Browser hijacking: redirecting users away from intended sites and changing browser settings without permission.
Malicious links & suspicious downloads: these are usually disguised as harmless links or downloads but actually contain viruses or other malicious content.
Once the adware is in, it starts to meddle with your online experience. It’s like an annoying salesman who won’t leave you alone, showing you ad after ad while you’re trying to browse. The ads may conceal the content you want to read or redirect you to malicious websites.
These ads aren’t just annoying. When the adware is busy displaying ads or tracking your browsing data for marketing purposes (yep, they do that, too), it’s using up your system’s resources, which can make your computer sluggish.
The more resources the adware uses, the less there are for your computer to run smoothly. The result is a slow, frustrating user experience that can make you want to pull your hair out.
According to the Digital Citizens Alliance, mal advertising can provide hackers with access to your computer. This allows them to convert your computer into a bot that silently visits websites, engaging with advertisements by loading and clicking on them.
You, unaware of the situation, are puzzled by your computer’s sluggish performance, not realising it’s being used to browse the web and interact with ads, thereby generating revenue for the bot’s owner.
Fortunately, with the right antivirus program in place, you can block these types of threats before they have a chance to cause any real damage to your device.
Antivirus programs also scan for any existing adware on your computer so you can be sure all malicious files are deleted safely and securely from your device.
4 – Spyware: The Invisible Intruder in Your Devices
Spyware is a type of malicious software that collects and transmits data from your computer without your knowledge or consent.
It slips into your computer, unnoticed, through things like email attachments, downloads, or even those pesky pop-up ads and browser redirects. And then, before you know it, it’s quietly rifling through your data, sending it off to who knows where without your knowledge or approval.
You can guard against spyware by conducting regular sweeps of your computer with reliable antivirus software.
The antivirus patrols the digital corridors of your computer, looking for suspicious activity, such as unfamiliar apps running in the background or sudden changes to settings. These are some signs of spyware trying to be sneaky.
It’s also important to remember that we, ourselves, play a crucial role in our computer’s security.
Avoid suspicious emails and websites.
Regularly update your software and operating systems. This is similar to periodically checking and maintaining the locks on your doors and windows.
Use secure, unique passwords for each of your accounts. Think of it as installing different locks on every door. This makes it more difficult for hackers to gain entry.
If you ever find spyware red-handed on your computer, use specialised antispyware programs like Norton 360 to kick it out or call in the pros (technical support) if needed. Don’t ignore warning signs like a slow computer or unexpected pop-ups.
With a bit of vigilance and an antivirus program, you can guard your digital life against these sneaky digital pickpockets. Take those proactive steps now, and save yourself a whole heap of headaches later.
5 – Trojan Horses: The Deceptive Malware Lurking in Plain Sight
Trojans are a type of malware that can sneak into your device without your knowledge.
They’re usually disguised as innocent-looking programs or files, and once they’re inside they open up a backdoor to allow hackers to gain access to your system and launch malicious attacks.
For instance, attackers might use this access to steal sensitive data, like credit card information, login credentials, or personal identity information—leading to identity theft or financial loss.
On top of these threats, Trojans can also severely impact system performance. They can cause your computer to run slower, crash, or behave erratically. And since they’re designed to stay hidden, the first signs of a Trojan infection might be these performance issues.
An example is the ZeroAccess Trojan that infects the Master Boot Record (MBR) of a computer.
When malicious software infects the Master Boot Record (MBR) of a computer, it embeds itself into a fundamental part of the system’s startup process.
This means that the malicious software can load before the operating system and any security software, giving it a high level of control over the system.
It can potentially hide from antivirus programs, manipulate the operating system, and execute other malicious actions without detection.
Learn more about this type of virus in the video below:
To protect yourself against these threats, it’s important to have antivirus software in place that can detect, block and remove Trojans from your device.
Here are 4 key ways antivirus software keeps you safe from Trojan Horse attacks:
Vigilant Detection of Hacking Instruments
Antivirus programs like Kaspersky Plus and Bitdefender Antivirus Plus are designed with sophisticated algorithms that allow them to detect suspicious activity from common hacking tools such as remote access Trojans (RATs) and keyloggers.
Having an antivirus program in place is essential for blocking them before they can do any damage.
Protection From Malicious Script Attacks
Many Trojans contain malicious scripts that allow attackers to execute code on your machine without you knowing.
Antivirus programs have intrusion detection capabilities and can block these scripts before they cause any harm.
A real-world example of malicious scripting can be seen in the Conficker worm, which affected millions of computers worldwide in 2009, including those in the Australia and New Zealand Banking Group.
It exploited a vulnerability in Windows OS to spread and could download additional malicious files to infected systems.
Security updates and antivirus software were vital in protecting systems from this threat.
Removal of Stealthy Backdoor Viruses
Backdoor viruses allow hackers to bypass the normal authentication process and gain access to sensitive data stored on your machine.
An example of backdoor malware is NotPetya, a wiper malware that struck in June 2017. The malware used a backdoor in the Ukrainian accounting software MeDoc to spread.
The attackers compromised MeDoc’s software update system, using it to launch a massive, destructive attack.
Though the initial target was Ukrainian businesses, the malware spread rapidly worldwide, affecting numerous high-profile organisations. This included Maersk, which was unable to receive new orders or oversee the operation of its group of shipping vessels
However, good antivirus programs possess virus prevention features. Malwarebytes, for instance, uses real-time protection to protect users from backdoor attacks.
Fortifying Against Code Injection Attacks
Code injection is a form of attack where malicious code is injected into a vulnerable application or website for the attacker to execute commands on the server without the user’s knowledge.
With the help of an antivirus program, this type of attack can be prevented by scanning websites for malicious content before allowing users to access them.
Bitdefender for instance, includes a feature called Advanced Threat Defense that uses behavioural detection techniques to monitor active apps closely. If anything suspicious occurs, such as attempts at code injection, it will take immediate action to block the given application.
Stay Vigilant: Not all antivirus programs will have all the features to protect against the varied threats discussed here. Be sure to research and choose software that suits your specific needs.
Becoming Cyber-Secure: Antivirus, the Superhero of the Digital Era
From blocking unwanted ads to preventing mysterious spyware, antivirus software is your digital superhero. Besides enhancing software safety, it halts ransomware and tames Trojans, fortifying your digital world.
The table below provides a summary of the key threats discussed in the article and the protection received from antivirus software.
Threat
Antivirus Protection
Malware
Real-time scanning and removal
Phishing
Email and website link analysis
Ransomware
Behavior monitoring and encryption
Spyware
System scans and data leakage checks
Trojans
Malicious code detection and removal
But remember, even superheroes can use a helping hand.
While antivirus software works round the clock to shield you from countless cyber threats, let’s not forget the good old principles of cybersecurity. Practise safe browsing, keeping an eye out for suspicious links and emails.
Did You Know: Companies such as Google, have strategies in place to alert you to malware, risky extensions, phishing, or sites on lists of potentially unsafe sites.
Also, remember to keep all your software in shipshape, regularly updating them. Think of it as keeping the superhero’s gear in prime condition, ready for the next face-off against cyber villains.
And lastly, passwords. Treat them like secret codes to your hidden treasure—make them strong, keep them safe, and whatever you do, don’t reuse them.
Antivirus software, fortified by these good practices, forms a formidable defence line against common cyber threats. But just as every superhero has unique abilities, every antivirus software offers different protections. So, it’s crucial to find the one that fits you like a glove.
Don’t leave your digital life to chance. Choose your antivirus software today, and give your data the protection it deserves.
Hi, my name is Dale Williams, and I am passionate about raising awareness surrounding safety and privacy online. I believe that your information should always be protected and kept as secure as possible. I decided to set up this blog to be used as the ultimate guide to the choices you make online.
