Skip to Main Content Skip to bottom Skip to Chat, Email, Text

Types of malware and how to prevent it

At a glance

  • Malware is an intrusive computer program that can steal sensitive information or damage your computer system.
  • There are different kinds of malware, such as adware, fileless malware, Trojans, viruses, worms, bots, ransomware, spyware and rootkits.
  • Preventive measures (think firewalls and common sense when opening emails) offer an antidote to malware and its consequences.
  • Learn more about stopping malware attacks through online cybersecurity programs at University of Phoenix

Understanding malware

Malware, or malicious software, is an umbrella IT term that refers to different types of intrusive computer programs that steal sensitive information or damage computer systems. Hackers commonly use malware to force their way into a device or network and compromise normal device functionality.

As cybersecurity technology evolves, hackers are growing more aggressive in distributing hostile malware and more clever at devising social engineering schemes to disguise malware attacks as benign messages. Today, more than 1 billion malware programs currently circulate in computer systems across the web. Though annual malware attacks are down year over year, the attacks themselves are costly.  For example, ransomware attacks cost an average of $4.54 million in 2021.

Here are the most common types of malware in circulation, along with information on how it can affect your device — and how to prevent it.

Types of malware and preventive measures


One major form of malware is adware, which will display — or even download — advertisements to your device. Adware often reaches your device through a search engine or web browser. As a malicious form of advertisement software, adware promotes unwanted ads as you use your device. This can appear when you use applications that don’t traditionally feature advertisements.

You can prevent adware with a proactive approach. For example, regularly update your device and your programs and avoid downloading files from unknown sources. You can also avoid adware by navigating away from pop-up ads.

Fileless malware

Your device’s programs can also become a cybersecurity threat. Fileless malware infiltrates a computer or device through legitimate applications by “piggybacking” onto scripts.

Sometimes, this happens when you click a particular link in an email or on social media platform and fileless malware downloads onto your device. Then it waits until you open the application to begin infecting your device, or it damages your files without you ever engaging with the program.

Fileless malware can be hard to detect since it’s memory-based rather than file-based.

Fileless malware prevention begins with proactive standards. Avoid opening suspicious links in unfamiliar emails or on social media platforms. Consider disabling applications you don’t actively use to limit the damage if any applications become infected. Additionally, antivirus programs provide an extra layer of defense by automatically scanning your devices for fileless malware.


A virus is malware that replicates its malicious code across your device. These programs attach themselves to common applications you might use daily. When you open an application infected with a virus, it can gain access to your files and sensitive information.

Preventing a computer virus is relatively simple when you implement a few cybersecurity protocols. Set up complicated passwords and change them regularly. Users dealing with a large amount of sensitive information should also set up two-factor authentication, which allows access to a platform only after verifying your identity multiple times.

Several online technology degrees can help prepare cybersecurity professionals for a role in preventing computer viruses. Students participate in programs that teach wireless security, data analytics, web design, network architecture and software engineering skills.


Computer worms infect devices and quickly self-replicate, compromising performance while identifying and infecting connected devices. Worms typically access a device’s network and move laterally across all other devices in that system. Once a worm exploits a security issue on a single device (the “host”), it can infect other devices — even if those secondary devices are fully protected. The highest-functioning worms can replicate across many devices, servers and networks without human interaction.

Many firewalls and antivirus programs offer strong worm protection and can help identify suspicious items in emails or other forms of messaging. Worm prevention becomes more challenging after worms infect a network. Even if you eliminate many of the worms infecting secondary devices, the worms can continue to replicate until the host device is cleansed.

The bad news? Remnants of worm activity can affect productivity across your networks long after the worm is removed.

Because of the potential for damage from a computer worm, many organizations turn to professional cybersecurity assistance. If you’re interested in helping companies defend against computer worms, consider obtaining a bachelor’s degree in cybersecurity. This degree program teaches aspiring cybersecurity professionals skills in network security and vulnerability.


Trojans, or Trojan horses, are virtually any malware that misleads users. Trojan code maliciously takes control of your device after disguising itself as a legitimate computer program.

You’ll notice device performance issues soon after a Trojan arrives. If your computer or phone displays interruptive pop-ups or spam messages, it might be infected.

To prevent Trojan malware:

  1. Refrain from downloading files from a source you don’t recognize.
  2. Don’t open attachments or links in unfamiliar emails.
  3. Perform updates and download the latest security patches for your device and all programs.


Bots represent malicious programs that hackers use to control devices. Malware bots can resemble legitimate bots that search engines use to perform repetitive tasks. In the same way Googlebot indexes webpages, a malicious bot repeatedly crawls your device or website for valuable information.

Preventing bots means protecting your devices and website from malicious crawls. To protect your device, consider installing a strong antivirus program that limits a bot’s entry points and automatically crawls your running processes for unauthorized activity.

To protect user-facing webpages from harm:

  1. Block outdated browsers from accessing your website.
  2. Take time to evaluate traffic sources through data-tracking tools to identify where website traffic enters and exits your website.
  3. Pay close attention to failed website login attempts and investigate unexpected spikes or drops in page visits.

Because bots can affect your organization’s devices and web elements, many companies turn to professional IT support for help. Students looking to join the IT workforce should consider pursuing a bachelor’s degree in information technology, where they will reinforce skills in information systems, cybersecurity and systems analysis.


Ransomware is a form of malware that takes hostile control of your files or device, blocking access until you pay a ransom. Hackers often threaten to erase a device’s data unless ransom demands are met. In other cases, hackers threaten to make the device’s information public.

Ransomware works by encrypting a device, or specific files within a device, and preventing user access. Soon after, hackers make the ransom demand.

Preventing ransomware starts with healthy device-use habits:

  1. Don’t download files and applications from unknown sources.
  2. Review your port settings regularly and use virus scanners familiar with common ransomware programs.
  3. Maintain backup files in case your original documents become locked. Backup files give you leverage in a ransomware situation and may provide enough time for professional IT specialists to assist you.


Spyware is far more discreet than many other forms of malware. It transmits personal information directly from your hard drive to other locations.

Unlike bots or worms, spyware is typically distributed to specific devices for specific purposes. Hackers might be searching for incriminating information they think is on a user’s hard drive, or mining for a particular set of login credentials.

Spyware is challenging to identify since its primary goal is to hide on your device. Spyware resembles other forms of malware in how it affects your device. Users might notice slower application load times, slower internet processing times and unexpected program crashes. In addition, spyware can cause unexplainable increases in your device’s data use.

It’s much easier to prevent spyware than to eradicate spyware once it begins to affect your device. Preventing spyware means practicing safe internet and email habits, monitoring device data-usage trends and the permissions you allow for each application.


Rootkits are designed to grant hackers undetectable access to a device. Unlike worms and viruses, which depend on sheer volume to overwhelm a device, rootkits are targeted attacks by hackers attempting to avoid detection.

Rootkits commonly appear on devices through phishing, or mass link distribution schemes across email and social media platforms.

Once integrated into your device, a rootkit can begin disrupting it in several ways. Because rootkits commonly give hackers remote access, you might notice applications operating without your control.

To prevent rootkits from accessing your device:

  1. Avoid suspicious emails, text messages or other outreach from unfamiliar sources.
  2. Avoid downloading untrusted software or software from third-party websites or vendors.
  3. Regularly update the programs your device uses.

If you suspect a rootkit has infected your device, disconnect from the internet immediately. Hackers can create a link to your device through their internet connection, directly accessing your files until you break that connection.

Cybersecurity education at University of Phoenix

Whether you’re seeking to gain a basic understanding of cybersecurity or you’re a working professional looking to expand your skill set, University of Phoenix offers online course collections and bachelor’s and master’s degrees in cybersecurity and more.

  • Certified Ethical Hacker Course Collection — This course collection can help you prepare to sit for the EC-Council Certified Ethical Hacker (CEH) certification exam. Topics include the phases of ethical hacking, recognizing weaknesses and vulnerabilities of a system, social engineering, IoT threats, risk mitigation and more.
  • Certified Incident Handler Course Collection — This course collection can help you prepare to sit for the EC-Council Certified Incident Handler (ECIH) certification exam. This specialist certification focuses on how to effectively handle security breaches. 
  • Certified Network Defender Course Collection — This course collection can help you prepare to sit for the entry-level EC-Council Certified Network Defender (CND) certification exam. Courses focus on protecting a network from security breaches before they happen.
  • Computer Hacking Forensics Investigator Course Collection — This course collection can help you prepare to sit for the EC-Council Computer Hacking Forensics Investigator (CHFI) certification exam. You’ll learn about the latest technologies, tools and methodologies in digital forensics, including the dark web, IoT, malware, the cloud and data forensics.
  • Bachelor of Science in Cybersecurity — This online program teaches skills such as security policies, network security, cybersecurity and more.
  • Master of Science in Cybersecurity — This online program explores in depth such skills and topics as cybersecurity, security policies and vulnerability.


want to read more like this?

What is a machine learning engineer?

Online Degrees

May 18, 2023 • 6 minutes

What Is Malware?

Online Degrees

March 17, 2023 • 8 minutes

9 Jobs You Can Pursue with a Degree in Data Science

Online Degrees

February 16, 2023 • 8 minutes