Malware includes viruses, spyware, and other unwanted software that gets installed on your computer or mobile device without your consent. These programs can cause your device to crash, and can be used to monitor and control your online activity. They also can make your computer vulnerable to viruses and deliver unwanted or inappropriate ads. Criminals use malware to steal personal information, send spam, and commit fraud.

Avoid Malware

Scam artists try to trick people into clicking on links that will download viruses, spyware, and other unwanted software — often by bundling it with popular free downloads. To reduce your risk of downloading malware:

• Install and update security software, and use a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS X) to update automatically.
• Don’t change your browser’s security settings. You can minimize "drive-by" or bundled downloads if you keep your browser’s default security settings.
• Pay attention to your browser’s security warnings. Many browsers come with built-in security scanners that warn you before you visit an infected webpage or download a malicious file.
• Instead of clicking on a link in an email, type the URL of a trusted site directly into your browser. Criminals send emails that appear to be from companies you know and trust. The links may look legitimate, but clicking on them could download malware or send you to a scam site.
• Don’t open attachments in emails unless you know who sent it and what it is. Opening the wrong attachment — even if it seems to be from friends or family — can install malware on your computer.
• Get well-known software directly from the source. Sites that offer lots of different browsers, PDF readers, and other popular software for free are more likely to include malware.
• Read each screen when installing new software. If you don’t recognize a program, or are prompted to install additional “bundled” software, decline the additional program or exit the installation process.
• Don’t click on popups or banner ads about your computer’s performance. Scammers insert unwanted software into banner ads that look legitimate, especially ads about your computer’s health. Avoid clicking on these ads if you don’t know the source.
• Scan USBs and other external devices before using them. These devices can be infected with malware, especially if you use them in high traffic places, like photo printing stations or public computers.
• Talk about safe computing. Tell your friends and family that some online actions can put the computer at risk: clicking on pop-ups, downloading "free" games or programs, opening chain emails, or posting personal information.
• Back up your data regularly. Whether it's your taxes, photos, or other documents that are important to you, back up any data that you'd want to keep in case your computer crashes.

Detect Malware

Monitor your computer for unusual behavior. Your computer may be infected with malware if it:

• slows down, crashes, or displays repeated error messages
• won't shut down or restart
• serves a barrage of pop-ups
• serves inappropriate ads or ads that interfere with page content
• won’t let you remove unwanted software
• injects ads in places you typically wouldn’t see them, such as government websites
• displays web pages you didn't intend to visit, or sends emails you didn't write

Other warning signs of malware include:

• new and unexpected toolbars or icons in your browser or on your desktop
• unexpected changes in your browser, like using a new default search engine or displaying new tabs you didn’t open
• a sudden or repeated change in your computer's internet home page
• a laptop battery that drains more quickly than it should

Get Rid of Malware

If you suspect there is malware on your computer, take these steps:

• Stop shopping, banking, and doing other online activities that involve user names, passwords, or other sensitive information.
• Update your security software, and then scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
• Check your browser to see if it has tools to delete malware or reset the browser to its original settings.
• If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.
• Many companies — including some affiliated with retail stores — offer tech support.Telephone and online help usually are less expensive, but online search results might not be the best way to find help. Tech support scammers pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company’s contact information on their software package or on your receipt.

If you’re a Best Buy customer, you’re going to want to check your credit cards. Just a day after Sears, Kmart, and Delta admitted that they were affected by the breach of the data firm [24]7.ai, Best Buy has come forth with a statement of its own, effectively raising its hand to say that it has been impacted as well.

“Best Buy offers chat services for customers coming to us via their phone or computer,” the company noted in a blog on its corporate website. “We, like many businesses, use a third-party for the technology behind this service and that company, [24]7.ai, told us recently that they were the victim of a cyber intrusion.”

This hack (in fact, a piece of malware) happened between September 27 and October 12 of 2017, and as a result, it would appear that payment information “may have been compromised.” And if [24]7.ai compromised customer payment information, that means that Best Buy customers were likely affected.

Best Buy notes that since the data firm gave notice of the potential risk, the company has been hard at work attempting to solidify “the extent to which Best Buy online customers’ information was affected.” And thus far, the electronics giant seems to be quite optimistic. In fact, it says, “As best we can tell, only a small fraction of our overall online customer population could have been caught up in this [24]7.ai incident, whether or not they used the chat function.”

This is much better than Sears, Kmart, and Delta, who collectively believe that thousands of their own customers were likely victims of this attack. All the same, even if it is only a “small fraction” of Best Buy’s customer base, for folks who are impacted, it’s still far too many. To that end, the company noted, “We are fully aware that our customers expect their information to be safeguarded and apologize to the extent that did not happen in this case.”

Though initial reports estimated that around 50 million Facebook users' information was improperly obtained by Cambridge Analytica, Facebook upped that number to 87 million last week. The company also said that it would soon be informing those users that their information was accessed by the political firm. Today, those notices are going out, Facebook confirmed to us, and every user will see one of two notifications. If your data was obtained by Cambridge Analytica, you'll get a note telling you so. If not, you'll see a message at the top of your news feed with a link to the apps and website management section of your Facebook settings.

In the message letting users know that their information was shared with Cambridge Analytica, Facebook notes that it has banned the "This is Your Digital Life" website. It also informs users that one of their Facebook friends used the site through Facebook, though it doesn't say which friend. The message includes a link for users to see how they were affected.

Along with Cambridge Analytica, Facebook has also suspended AggregateIQ and CubeYou for using similar tactics. The social media giant has also changed some of its data management practices and rewritten its policies so that they're easier to understand. Facebook CEO Mark Zuckerberg will testify before Congress on April 10th and 11th in order to address concerns over the company's data security practices.

Security researchers have discovered a new ATM malware, “ATMJackpot.” The malware seems to have originated from Hong Kong and has a time stamp on the binary as 28th March 2018.

The malware has a smaller system footprint, it has a simple graphical user interface that displays a limited number of information, including the host name, the service provider information such as cash dispenser, PIN pad, and card reader information.

ATM Malware propagates via physical access to the ATM using USB, and also via the network by downloading the malware on to already-compromised ATM machines using sophisticated techniques.

The malware opens a session with the service providers and registers to monitor events, then it opens a session with the cash dispenser, the card reader, and the PIN pad service providers.

Once the session with service providers are opened, the malware is able to monitor events and issue commands.

Experts believe authors of the malware will continue to improve it and they expect it will be soon detected in attacks in the wild.

It might not seem it, but it's officially spring! Wherever you live, if you run and manage a home office, now’s a good a time to do some spring cleaning so your devices are less vulnerable to malware and potential threats.

1. Keep all your systems up to date

Running updates has become a mantra for security managers, but it's the simplest and most practical thing a home user can do. By running updates, we're talking about doing the updates for the operating system and all applications, not just Microsoft Office. The way the industry has progressed, most of the updates today are security-related, so be sure to run the updates when your computer prompts you to run them. It's also important to run frequent security scans. At least once a month run a full system scan, not just a scan of critical areas. It may take several minutes, but it's well worth it.

2. Clean out the cache on your computer

Look at what's on your cache and just clean it out. You'll get better web browsing performance and there's no reason to keep things piling up for months and months in your cache, where malware can hide. The other point to consider is that once you clean out the cache, you will be visiting the most up-to-date version of that website, so assuming that the site practices security hygiene it will also be more secure.

3. Clean out the cookies

In the wake of all the bad news surrounding privacy lapses at Facebook, this point has become especially important. Check your browser for cookies and either delete them selectively or delete them entirely. It's really important for you to have insight on who has data about you.

4. Update passwords and consider two-factor authentication

For years, security experts told people to use numbers for vowels in certain places as well as symbols, but in the past year NIST advises that people use passphrases. A longer passphrase is better than a tricky password with numbers and symbols. Use a passphrase that's unique to you and something you can remember. It can be the opening line to a favorite song or poem, but the more unique it is to you, the more secure. And especially for personal banking sites, sign up for two-factor authentication. Most banks today will offer an option where you get a unique PIN number or passcode every time you log on. Use it.

5. Check your router

Home office users should periodically change the password on their routers. And if the router is more than two or three years old, ask your provider if you can swap it out and get a dual-band router. You’ll get the benefit of faster, more reliable data transmission, plus the router will have the latest security firmware updates.