Home Page Navigation Contents Contact Sitemap Search


This article is an intro­duc­tion to the world of mal­ware. It explains how mal­ware works in gen­eral, and also dis­cusses the most common routes of infec­tion and harmful behav­iour pat­terns. In the process, we explain how our “5 steps for your dig­ital secu­rity” will pro­vide effec­tive pro­tec­tion each time.

The most impor­tant points to remember:

  • Mal­ware denotes com­puter pro­grams with unde­sir­able and fre­quently harmful functions.
  • There are dif­ferent types of mal­ware, requiring dif­ferent pre­ven­ta­tive measures.
  • Over the past years, risks posed by mal­ware have increased further.
  • You can effec­tively reduce such mal­ware risks by fol­lowing our “5 steps for your dig­ital secu­rity“.

Mal­ware – an unde­sir­able com­puter program

The word “mal­ware” is an umbrella term for com­puter pro­grams usu­ally cre­ated delib­er­ately to harm users.

Sim­ilar to con­ven­tional soft­ware, mal­ware cre­ation and dis­tri­b­u­tion methods have also devel­oped fur­ther. The former is increas­ingly pur­sued at a pro­fes­sional level, con­tributing to a higher volatility of mal­ware devel­op­ments. An increas­ingly tar­geted approach is also used to then spread this mal­ware. Pri­vate indi­vid­uals and SME are sub­ject to sys­tem­atic attack.


Sim­ilar to other com­puter pro­grams, mal­ware is nothing but a series of instruc­tions exe­cuted by a computer.

To exert its harmful impact, mal­ware will there­fore have to be exe­cuted by the system. This either involves users or pro­grams already run­ning giving instruc­tions to do so.

It is a well-known fact that the former hap­pens when users are led to believe that they can either ben­efit or avoid harm this way. Mal­ware exe­cuted in this manner is denoted by the umbrella term Trojan Horse, or Trojan for short. It mas­quer­ades as a useful pro­gram and is gen­er­ally ini­ti­ated by users them­selves. Once exe­cuted, it takes full harmful effect.

And this doesn’t nec­es­sarily have to involve exe­cutable pro­gram files in the classic sense. Office doc­u­ments and PDF files can also con­tain so-called macros, which are exe­cuted by this software.

Such attempted decep­tion can often be exposed and pre­vented by taking our “Step 5 – Exer­cising care and remaining alert“.

If mal­ware is exe­cuted by a pro­gram already run­ning without any user action, this hap­pens by exploiting a so-called secu­rity gap, or vul­ner­a­bility. This is an error in a program’s logic which could affect security.

Vul­ner­a­bil­i­ties in browsers for instance allow for so-called drive-by down­loads to occur. Oper­ating system vul­ner­a­bil­i­ties are often exploited, too, for instance to infil­trate a device via external data car­riers such as USB sticks or a net­work. Mal­ware spreading autonomously via such vul­ner­a­bil­i­ties is called a worm.

Soft­ware man­u­fac­turers reg­u­larly fix such vul­ner­a­bil­i­ties by pro­viding updates. The most impor­tant mea­sure to take to pre­vent a mal­ware infec­tion is there­fore con­sid­ered to be “Step 3 – Pre­venting with soft­ware updates“.

Once exe­cuted, most mal­ware vari­ants seek to ensure they can run their mali­cious code time and again, employing a variety of methods. A virus will write its own mal­ware code into other pro­grams to do so. So-called rootkits will directly infil­trate your oper­ating system code.

Dam­aging effects

You cannot com­pletely avoid all risks of catching a mal­ware infec­tion. It is there­fore rec­om­mended you also take mea­sures in case there is a suc­cessful infection.

Below we will intro­duce some common damage sce­narios and explain how the harm caused can be mit­i­gated by fol­lowing our “5 steps for your dig­ital secu­rity“.

System slow­down

The fraud­u­lent abuse of system and net­work resources can slow you down con­sid­er­ably when you are working on an infected device, or even make doing so impos­sible alto­gether. The one type of mal­ware with a huge effect on system per­for­mance is that cre­ated for such pur­poses as mining cryp­tocur­rency (Crypto Miner), cracking pass­words, or car­rying out attacks on other sys­tems (for instance Dis­trib­uted Denial of Service).

This type of mal­ware ben­e­fits from infecting the largest number of sys­tems pos­sible, which are then com­bined into a so-called botnet.

Such mal­ware is designed to wreak havoc on a system over the longer term, and should be dis­cov­ered by your anti-virus soft­ware sooner or later. For this to work prop­erly though, you will have to make sure to reg­u­larly update it and run repeated com­plete scans of your whole system. You can find fur­ther infor­ma­tion on this under “Step 2 – Mon­i­toring with antivirus soft­ware and fire­wall

Ad dis­plays

Pro­grams known as adware make them­selves unpop­ular with their vic­tims by con­tin­u­ously dis­playing ads.

If a system is plagued by an uncom­monly high number of ads, this might indi­cate another kind of mal­ware infec­tion and should serve as an oppor­tu­nity to clean your system.

If the ads dis­played are lim­ited to web­sites only, and are only shown inside your browser, it could be worth­while fol­lowing up on our tips for increased levels of pri­vacy and data pro­tec­tion on the Internet, or on how to use an adblocker.

Data col­lec­tion

Mal­ware with spy­ware prop­er­ties is char­ac­terised by specif­i­cally col­lecting and passing on infor­ma­tion about its vic­tims. This could for instance entail analysing your surfing habits, cap­turing key­strokes (key­logger) or stealing sen­si­tive data.

To mit­i­gate the risk of spy­ware activ­i­ties, we rec­om­mend you seg­ment your own dig­ital activ­i­ties, and only dis­close your data very spar­ingly. By fol­lowing our “Step 4 – Pro­tecting online access“, you can effec­tively reduce the extent of damage caused by a suc­cessful spy­ware attack. Using two-factor authen­tifi­ca­tion for instance ensures your e-banking account is not auto­mat­i­cally com­pro­mised in case your pass­word is captured.

Encryp­tion or destruc­tion of data

Data encryp­tion is mainly used as leverage for black­mail attempts by so-called ran­somware.

Once you have cleaned your system, usu­ally the only remedy here is to restore your data from a back-up you have cre­ated pre­vi­ously. “Step 1 – Backing up data“ is the cor­ner­stone for suc­cessful data recovery.

Com­bined attacks

Mal­ware does not just limit itself to the sce­narios described above. Sev­eral of these approaches can for instance be com­bined, or com­pletely new approaches developed.

The former is achieved with the help of so-called down­loaders, which will down­load fur­ther mal­ware to the system under attack auto­mat­i­cally or upon request.

One promi­nent example for a com­bined attack are black­mail attempts where spying out a tar­geted system is the first step, with its data then being encrypted in a second step. This allows black­mailers to exert more pres­sure on their vic­tims, for instance by threat­ening to pub­lish the data cap­tured, or to pass them on to a competitor.

Iden­ti­fi­ca­tion and cleaning

If you follow our “5 steps for your dig­ital secu­rity“, you will effec­tively reduce the risk of a mal­ware infec­tion occur­ring, and of any ensuing damage sce­narios, too.

You cannot how­ever com­pletely rule out any such risks com­pletely. Read our article on “Mal­ware infec­tions“ to find out how to recog­nise and resolve an infection.

Mal­ware” is a term used to denote com­puter pro­grams devel­oped to exe­cute unde­sir­able and poten­tially harmful func­tions on a victim’s device. The term is a com­bi­na­tion of “mali­cious” and “soft­ware”.

What else would you like to learn about security when e-banking?

Reg­ister for a course now
and learn more:

Basic course

Find out about cur­rent Internet threats and some easy pro­tec­tive mea­sures, and how to securely use e-banking.

fur­ther information

Online course mobile banking/payments

Find out about mobile banking, mobile pay­ments and how to securely use these apps.

fur­ther information

Online course for the under-30s

Learn how to use your smart­phone securely. Next to basics, we will show you what you should know about social media, clouds, mobile banking and mobile payments.

fur­ther information

Course for SMEs

Is your organ­i­sa­tion suf­fi­ciently secure? Learn which mea­sures you can take to sig­nif­i­cantly strengthen your organisation’s IT security.

fur­ther information