Malware and Ransomware
A practical overview of how malware enters devices and how updates, installation habits and backups reduce damage.
Objectives and practical frame
At the end of this module, you will be able to:
- 01
understand malware families
- 02
recognize risky downloads and attachments
- 03
reduce installation risk
- 04
prepare for ransomware with backups and updates
10.1 What malware is
This section focuses on what malware is by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
Malware can arrive through attachments, fake apps, compromised sites, extensions or unsafe downloads. This module explains what malware and ransomware do, how they enter and which habits reduce exposure on computers and smartphones.
10.2 How malware can arrive
This section focuses on how malware can arrive by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
Malware prevention is a combination of cautious installation, updated systems, limited permissions and backups that have actually been tested
Malware prevention is a combination of cautious installation, updated systems, limited permissions and backups that have actually been tested.
10.2.1 Viruses
This detail focuses on viruses by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.2.2 Worms
This detail focuses on worms by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.2.3 Trojans
This detail focuses on trojans by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3 Ransomware
This section focuses on ransomware by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.1 Ransomware and backup
This detail focuses on ransomware and backup by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.2 Paying the ransom does not guarantee recovery
This detail focuses on paying the ransom does not guarantee recovery as an incident response situation where the first minutes matter.
The priority is to stop additional damage, preserve useful evidence, write down what happened and report through the right channel instead of improvising under pressure.
10.3.3 Spyware
This detail focuses on spyware by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.4 Adware
This detail focuses on adware by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.5 Keyloggers
This detail focuses on keyloggers in practical terms: what is being requested, what data or access is involved and what could go wrong if the action is rushed.
The useful habit is to connect details instead of checking them in isolation. Context, channel, timing, destination and consequences provide a clearer picture of risk.
10.3.6 Rootkits
This detail focuses on rootkits by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.7 Botnets
This detail focuses on botnets by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.8 Cryptominers
This detail focuses on cryptominers by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.9 Infostealers
This detail focuses on infostealers by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.10 Mobile malware and malicious apps
This detail focuses on mobile malware and malicious apps by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.3.11 Malicious browser extensions
This detail focuses on malicious browser extensions by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.4 Signs of possible infection
This section focuses on signs of possible infection in practical terms: what is being requested, what data or access is involved and what could go wrong if the action is rushed.
The useful habit is to connect details instead of checking them in isolation. Context, channel, timing, destination and consequences provide a clearer picture of risk.
10.5 What to do if you suspect malware
This section focuses on what to do if you suspect malware by connecting infection paths with prevention and damage reduction.
The practical controls are official sources, updates, limited permissions, careful handling of attachments and backups that have been tested before an emergency.
10.6 What not to do
This section focuses on what not to do in practical terms: what is being requested, what data or access is involved and what could go wrong if the action is rushed.
The useful habit is to connect details instead of checking them in isolation. Context, channel, timing, destination and consequences provide a clearer picture of risk.
10.7 Good prevention practices
This section focuses on good prevention practices in practical terms: what is being requested, what data or access is involved and what could go wrong if the action is rushed.
The useful habit is to connect details instead of checking them in isolation. Context, channel, timing, destination and consequences provide a clearer picture of risk.
A file can be dangerous even if it seems to come from a known contact.
Installing software from random links to solve a problem quickly.
Use official stores, keep systems updated and test backups.
Infection path classification
Classify common infection paths: attachment, fake app, browser extension, cracked software, compromised site and removable drive.
Malware prevention is a combination of cautious installation, updated systems, limited permissions and backups that have actually been tested.