Security Technology Explained

Viruses, Spyware, Malware, etc. Explained: Understanding Online Threats

Bryan Clark 26-03-2015

When you start to think about all the things that could go wrong when browsing the Internet, the web starts to look like a pretty scary place. Luckily, Internet users as a whole are getting far more savvy, and better at recognizing risky online behavior.


While pages with a dozen download buttons – or auto-checked boxes that tricked us into downloading things we didn’t want – are no longer quite as effective as they once were, that doesn’t mean there aren’t hackers out there right now trying to come up with new methods of deception The Latest Internet Security Threats That You Should Be Aware Of Security threats have increasingly come from new directions and that isn’t looking set to change in 2013. There are new risks you should be aware of, exploits of popular applications, increasingly sophisticated phishing attacks, malware,... Read More . In order to protect ourselves from these threats it’s important to understand just what they are, and how they differ.

Let’s dive in.

Understanding Online Security Threats and How They Differ



Malware is short for malicious software. This means that while most of us refer to these threats as viruses, the correct catch-all term should indeed be malware. Malicious software comes in many forms, but malware itself is a general term that could be used to describe any number of things, such as viruses, worms, trojans, spyware, and others. In short, it’s a program or file with bad intentions, the nature of which could encompass just about anything.

Luckily, malware is exactly what all of the most popular antivirus programs are looking for. Getting affected by malware happens, and it doesn’t have to be catastrophic. Learn the right protocol for dealing with malware 10 Steps To Take When You Discover Malware On Your Computer We would like to think that the Internet is a safe place to spend our time (cough), but we all know there are risks around every corner. Email, social media, malicious websites that have worked... Read More , and how to avoid it in the first place 7 Common Sense Tips to Help You Avoid Catching Malware The Internet has made a lot possible. Accessing information and communicating with people from far away has become a breeze. At the same time, however, our curiosity can quickly lead us down dark virtual alleys... Read More for the safest browsing experience.




Viruses consist of malicious code that infects a device after you install a software. Typically this infection happens through USB drives, Internet downloads, or email attachments, but it can happen in numerous other ways as well. It’s important to note that the infection doesn’t actually occur just from having the infected files on your computer. The infection happens once the program runs for the first time, whether through Autorun, a manual install, or an executable file that the user opens.

Once opened – or run – the infection happens. From that point, it can be very difficult to find and rid yourself of the virus due to the nature in which it works. While actual details are virus-specific, they tend to replicate themselves and infect the file system of the device they reside in by spreading from file to file before they are inevitably – and usually unknowingly – passed on to another machine.

Unlike other threats, viruses have no other purpose than attempting to render your computer inoperable. Some of them have A Brief History Of The 5 Worst Computer Viruses Of All Time The word "virus" and its association with computers was affixed by American computer scientist Frederick Cohen who used it to describe "a program that can 'infect' other programs by modifying them to include a possibly... Read More been particularly good at it. Most others are quite weak and easy to detect.


Oh, and it should be pointed out – due to popular opinion – that Macs aren’t immune to viruses 3 Signs Your Mac Is Infected With a Virus (And How to Check) If your Mac is acting weird, it could be infected with a virus. How can you check for a virus on your Mac? We'll show you. Read More .



While relatively benign in most cases, adware might be the most annoying of the threats we’ll talk about today.

Adware is bundled with otherwise legitimate apps or software, which makes initial detection somewhat difficult. A common example is the checkbox at the bottom of a download link (often pre-checked) that asks if we want to “Include X for free” – well, “X” is often the program containing the adware. This isn’t a hard and fast rule, but it’s not uncommon. If you aren’t sure what these additional programs are, or how they function, don’t download them.


Adware infections are also possible through no fault of our own. Recent stories detail at least one major manufacturer including adware – or an adware-like browser hijack – in their computers by default. While Lenovo, and Superfish Lenovo Laptop Owners Beware: Your Device May Have Preinstalled Malware Chinese computer manufacturer Lenovo has admitted that laptops shipped to stores and consumers in late 2014 had malware preinstalled. Read More are the exception, rather than the rule, it’s important to note that these threats happen and often times there isn’t much we can do about it.

Trojans and Backdoors


Trojans were named after the Trojan Horse, which was a giant wooden horse used to conceal Greek soldiers as they entered Troy during the Trojan War. History lesson aside, this is the same way that a trojan damages your computer. It hides malicious code inside a seemingly innocuous program or file in order to gain access to your machine. Once inside, the program installs itself on your device, and communicates with a server in the background without your knowledge. This gives an outside party access to your computer through what’s commonly referred to as a backdoor.

While giving an outside party access to your computer is scary in and of itself, the implications of what they could be doing Why Email Can't Be Protected From Government Surveillance “If you knew what I know about email, you might not use it either,” said the owner of secure email service Lavabit as he recently shut it down. "There is no way to do encrypted... Read More with this access is even scarier. What complicates matters is the small footprint that these backdoors leave, which keeps the user completely in the dark that any privacy breech is even occurring.


One benefit of a backdoor is the nature in which they operate. Since the hacker must connect to your machine remotely, they won’t be able to do this if you disable the Internet connection while you attempt to locate and remove the malicious code.



Spyware is the most common piece of badware on the Internet. While it’s quite deceptive in nature and a major annoyance, most spyware is relatively harmless. Typically, spyware is used to monitor browsing behavior in order to better serve relevant ads. What makes it bad is how these companies go about collecting your data How to Protect Yourself From Unethical or Illegal Spying Think that someone is spying on you? Here's how to find out if spyware is on your PC or mobile device, and how to remove it. Read More . Rather than relying on tracking pixels – or cookies – like most major companies, spyware acts like more of a trojan in that you install it and it communicates data from your computer back to a server, all while most of us are completely oblivious to its presence in the first place.

Other, more malicious forms of spyware, are far more dangerous. While typical spyware is mostly used for ad-serving purposes, malicious spyware communicates sensitive data back to another user, or a server. This data can include emails, photos, log files, credit card numbers, banking information, and/or online passwords.

Spyware is most often downloaded by the user as part of an add-on to a legitimate download (such as a toolbar) or included as part of a freeware or shareware program.

Scareware and Ransomware


Scareware and ransomware differ in their approach, but the end goal for both is to collect money by manipulating the user into believing something that’s often untrue.

Scareware most often takes the form of programs that pop up and tell you that your computer is infected with some sort of malware. When you click to remove the (often) multiple instances of malware, you are forced to pay to purchase the full version before the program can clean your system and rid it of the infections or threats.

Ransomware operates a bit differently in the sense that after the malicious software is installed, it’ll often lock down your system outside of a window that allows you to pay the ransom in order to regain use of it. While ransomware is generally among the easiest threats to remove Don't Pay Up - How To Beat Ransomware! Just imagine if someone showed up on your doorstep and said, "Hey, there's mice in your house that you didn't know about. Give us $100 and we'll get rid of them." This is the Ransomware... Read More , it can be quite scary for a non-savvy computer user. As such, many believe that they must give in and pay the ransom Avoid Falling Victim To These Three Ransomware Scams Several prominent ransomware scams are in circulation at the moment; let's go over three of the most devastating, so you can recognise them. Read More in order to regain control of the machine.



Worms are by far the most damaging form of malware. While a virus attacks one computer and relies on a user to share infected files in order for it to spread, a worm exploits security loopholes in a network and can potentially bring the whole thing to its knees in a matter of minutes.

Networks with security vulnerabilities are targeted by introducing the worm into the network and allowing it to pass (often unnoticed) from computer to computer. As it passes from one device to another, the infection spreads until each machine is infected – or – the worm is isolated by removing the infected machines from the network.

Unnamed Exploits, Security Flaws and Vulnerabilities

No matter how competent the developer, every program has security flaws and vulnerabilities. These security flaws allow hackers to exploit them in order to gain access to the program, alter it in some way, or inject their own code (often malware) within it.

If you were ever wondering why programs had so many security updates, it’s because of the constant cat and mouse being played between developers and hackers. The developer attempts to find, and patch, these holes before they’re exploited, while the hacker attempts to exploit security flaws before they’re discovered and patched by a developer.

The only way to stay even remotely safe from these exploits is to keep your operating system and each of your programs up-to-date by installing updates as they become available.

Staying Safe Online


If you’re using the web, there’s no foolproof method to avoid all online threats, but there are certainly things you can do to make yourself safer.

Some of these are:

Again, if you spend any portion of your time on the web, it’s unlikely that you can completely protect yourself from all the badware out there. While infections and exploits can – and do –  happen to anyone, I don’t think any of us would argue that we could stay a little safer with subtle changes in our browsing or computer use habits.

What are you doing to keep yourself safe from threats and exploits online? Are there any specific programs or apps that you use for online security? Please help keep the rest of us safer online by sharing any tips you have in the comments below!

Photo credit: Computer Virus via Shutterstock, Warning! by Paul Downey via Flickr, Virus by Yuri Samoilov via Flickr, Annoying pop up via Shutterstock, Hackers – Seguridad by TecnoDroidVe via Flickr, Toolbars by mdornseif via Flickr, Malware by mdaniels7 via Flickr, Dual Crash by Dr. Gianluigi “Zane” Zanet via Flickr, Caps Lock by DeclanTM via Flickr

Related topics: Anti-Malware, Computer Security, Online Security, Spyware.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Bob Myers
    March 8, 2017 at 3:08 pm

    Dear Ma'am or Sir,

    Ref: Your Tue, 7 Mar 2017 23:14:01 +0000
    Subj: Longform articles

    1. I clicked on: Click here to view all of our longform articles. The response from [Broken URL Removed] was: Server not found - Firefox can’t find the server at makeuseof.

    2. I clicked on: Longform articles. The response was the same.

    3. I was unable to find a "Search" or "contact" button.

    Request advise next steps to access longform articles.


    Bob Myers

  2. Amara shah
    December 21, 2016 at 5:23 pm

    outclass managing..

  3. jimvandamme
    April 1, 2015 at 7:55 pm

    Step one: don't use Windows.

    Fortunately, your PC will run one of the 300 distros of Linux, so start by picking the one that appeals to you. And there's some nice articles right here on makeuseof.

    • Bryan Clark
      April 28, 2015 at 7:24 am

      Well done, Jim. I think you've got a future here.

    • jimvandamme
      April 28, 2015 at 2:38 pm Captain Obvious??

      • JT
        December 29, 2016 at 4:52 pm

        - or maybe not.

        I think Jim just wasted his chance.

        • nonames
          February 4, 2017 at 6:59 am

          I'm just here to continue the discussion about Jim.

  4. Erlis D.
    April 1, 2015 at 1:29 pm

    Actually I think keyloggers and rootkits should have been mentioned too, since they are really dangerous and sometimes even harder to detect. Anyway, I use ESET Smart Security as an antivirus (also malware, spyware... detector/cleaner). Honestly, I find ESET one of the best antiviruses out there. Yet, it doesn't get that much attention. I sometimes scan my system with other software like AdwCleaner and HitmanPro just to make sure everything is ok. As for the browser, I use adblock to block ads, but I've also customized it to block ("blacklist") malicious websites. To conclude I check my system from time to time for any suspicious activity (like IPs with a lot of traffic or suspicious ones), and also use OpenDNS for more secured browsing and online activity. I don't know what can be done to be more secure?
    I also think that being secure is also believing in some company that tries to keep you secure. For example, what if one day ESET gets hacked or OpenDNS, and all my security set-up will be screwed up?

    • Bryan Clark
      April 28, 2015 at 7:23 am

      It sounds like you go out of your way to be as secure possible. In all honesty, I don't think there's a lot more you could do without significantly altering your browsing experience. Well done.

  5. Andy
    April 1, 2015 at 9:08 am

    You can just use a computer for what it was designed for, as opposed to a form of entertainment come telephone and shopping facility.

    • Bryan Clark
      April 1, 2015 at 10:53 am

      Yeah, but I don't think most of us buy computers to be glorified calculators.

  6. Doc
    March 29, 2015 at 4:33 pm

    Glad to see worms mentioned here, one type of malware that usually gets overlooked.
    Worms are the #1 reason you can't run a PC (at least a Windows PC) without antivirus - no amount of "careful browsing" and "I don't download software" will protect your PC - the worms will get in no matter what you do or don't do.
    Anyone who says "I don't need antivirus/antimalware" doesn't deserve to have a PC. They just become part of somebody's botnet, sending spam and viruses to other people.

    • Michael Dowling
      March 30, 2015 at 10:35 pm

      "..the worms will get in no matter what you do or don’t do." Not necessarily so.Use a good sandboxing program as an additional layer of protection along with your antivirus. Sandboxing programs are especially useful for Zero Day exploits and other novel malware that your anti-virus can only play catchup with.I use Sandboxie,and although I have gone to some scuzzy sites,I can't remember the last time I had a malware infection.

    • Bryan Clark
      April 1, 2015 at 10:53 am

      Indeed. When researching this post I was surprised at just how infrequently worms were mentioned. With the amount of damage they can do to a network, you'd think more people would talk about what a threat they are.

    • Doc
      April 1, 2015 at 2:00 pm

      I'm more appalled at the number of users who arrogantly insist "I don't surf shady sites, I don't open attachments in emails, and I keep my PC patched, I don't need an antivirus! I even disable Windows Defender, I'm so smart!"
      Then they wonder who's sending all the spam emails and participating in botnets doing DDOS attacks. It's YOU, you moron!

    • notyouraverageuser
      April 7, 2015 at 11:43 pm

      Hey Doc, I've been running AV free (that doesn't mean protection free) for the past 5 years atleast and I haven't had a single infection. I do regular checks with malwarebytes on top of manually auditing my whole system every now and then to make sure everything is clean and not once have I found anything and trust me, if there was something I would've detected it doing low level drive and boot loader checks. I sandbox everything I haven't extensively verified to be clean and cleaning PC's of malware (among other things) is what I do for a living.

    • Doc
      April 9, 2015 at 8:08 pm

      @notyouraverageuser: Good luck with that. I've seen a Windows 2000 Server install without antivirus get hit with MIRC bots, phantom user accounts, and who-knows-what just sitting there - nothing being done on the system except backups and file/printer sharing, no Web browsing, no one using the system but me.
      I'm glad you're scanning regularly with MWB, but not having "real-time" protection except Windows Defender (which even ***Microsoft*** says is inadequate) is not a good idea. All it takes is one missed manual check and your PC will be compromised...and one missed check leads to another, and pretty soon you've joined the legion of zombie PCs sending spam and passing along the worms that got you.

  7. likefunbuntot
    March 26, 2015 at 5:35 pm

    You forgot to mention that advertisements with malicious scripts attached account for a sizable portion of attacks.

    Internet Advertising is handled through broker services. Sites are paid by brokerages for space in which to deliver ads. The brokers are paid by advertisers. The advertisers pay ad agencies to create the ads. The ad agencies pay artists and programmers to actually do that work. No one anywhere in that chain meaningfully audits the work that's done, so it's very easy to slip in some extra code to exploit vulnerable web clients.

    The easiest way to stop that particular attack vector is simply to block as many ads as possible. If your computer doesn't talk to inherently untrustworthy advertising servers, users won't get malicious scripts from them.

    I'd argue that this is more effective for stopping real-world internet threats than any other single option available.

    • Bryan Clark
      April 1, 2015 at 11:01 am

      You're right, these are where a significant percentage of threats come from, but they were mentioned (download buttons, auto-checked boxes, etc.). I honestly felt it kind of irrelevant that they were ads, and instead just focused on pointing out what the user needs to be aware of. That said, I don't disagree that it might have been worth including. Thanks for your opinion.

      Just for clarity (if anyone reads the comments)...

      These ads are know as CPA - or cost per action - ads, and they pay the webmaster when users complete a task after clicking an ad (download a toolbar, software, input an email address, etc.).