Malware is short for “malicious software.” It is often used as a synonym for “virus,” but the fact is that the term malware covers any kind of software that has a negative effect on the user. The term “virus” specifically returns to a program that can replicate itself and spread on its own.

Malware also includes such things as spyware and adware, including “malvertising” – an ad on a website that causes problems or system damage, whether deliberately or otherwise.

Ptss, Surfshark’s free bonus feature CleanWeb™ protects from malware, phishing attempts and blocks ads & trackers!

Types of Malware

As mentioned, “malware” is an umbrella term, and there are a number of types of malware you might run across. Here are the most common:


A computer virus is a piece of code that replicates and spreads on its own. Viruses often lie dormant and are sometimes triggered at a certain time and date. Unlike worms, viruses do require some human input to spread.


CleanWeb™ guarantees protection from malware


Virus hoax

It’s worth mentioning that virus hoaxes are common. These chain letters are harmless pranks designed to get you to forward them to everyone you know. If you get an email that says there’s a virus circulating that will do something sensational, like destroy your hard drive, it is probably a hoax. The first hoax virus to become famous was “Good Times.” One less than harmless variant was SULFNBK.EXE, which attempted to trick the reader into deleting part of the Windows operating system.


A trojan, named for the infamous Trojan Horse, is a malicious program that disguises itself as a legitimate one. Trojans are becoming particularly common on mobile, where shady operators will sneak apps into the app store that look very like legitimate ones. Trojans can also be downloaded when you click on website popups.


Worms are very common. Worms usually spread via network, but they don’t have to exploit operating system. Worms tend to overload networks, and may contain “payloads” that can steal data or create botnets. Worms and viruses are not quite the same, although there is overlap. Worms can replicate entirely on their own, for example by emailing themselves to all of your contacts.


Ransomware, usually distributed as a trojan, is software that encrypts your hard drive and demands money, usually in cryptocurrency, for the key. Never pay the ransom. (The best way to protect yourself from ransomware is to keep good backups, in multiple places). Note that ransomware hoaxes are also a thing, and are more sinister than normal virus hoaxes. The attacker will send an email claiming to have accessed your data and threatening to send stuff to your contacts if you don’t pay the ransom (One recent ransomware scam threatens to photoshop your face onto porn and send it to all of your friends). These are bluffs and should be ignored and deleted.


Adware is software that delivers advertisements. In some cases, this may be bundled with a free program. While much adware merely shows you ads, often at the most inconvenient time, some is bundled with spyware.


Spyware is malware that spies on user activity without knowledge. It is most often a trojan, hidden with legitimate software or exploiting a vulnerability. Note that some spyware can be intentionally installed… this is a favorite trick of both overprotective parents and abusive partners.

Get Surfshark for $1.99/mo, to protect yourself from malware

30-day money-back guarantee with every plan


9 Tips to Protect Yourself from Malware

There are a number of things you can do to protect yourself from malware, but here are the ten most important:

  1. Install a VPN. Choose a VPN from a reputable source. You should install VPN not just on your PC, but on your phone and tablet – mobile malware is a growing field. Consider getting a VPN, especially if you travel regularly. This can help protect you from man in the middle attacks and makes browsing on public Wi-Fi much safer. Surfshark for Windows, macOS, Linux, iOS, Android.
  2. Keep software up to date. Most especially, keep your anti-virus software up to date and your operating system patched. Waiting a couple of weeks on major OS updates is a good idea, but you should install security patches as soon as they are pushed.
  3. Avoid pirating games, e-books and movies. The temptation can be very high, especially if the movie you want to watch is not released in your region. However, attackers often disguise a piece of malware as a popular movie or best selling book to trick you into downloading it. If a movie file has .exe extension – you can be sure it is malware.
  4. Set your browser not to run Flash or Java unless you specifically tell it to. This prevents malvertising on the site from delivering some kind of rootkit or exploit kit. It will also speed up your web browsing dramatically. Another option is to install a reputable adblocker.
  5. Remove software and applications you no longer use, especially legacy software – software that is years old and no longer supported. If you still use legacy software, look for alternatives. Only use old software if you can’t find a good replacement.
  6. Never click on links in emails, even if they look legitimate. Instead, use a bookmark or enter the URL directly. This especially goes for links to financial sites. For example, when you get a notification saying somebody sent you money via Paypal, go manually instead of clicking, even if you’re expecting the funds. Any scary email that says your account is compromised or limited is generally a phish (some of them are obvious, as it’s not uncommon for phishers to throw such a broad net they hit people who are not customers of the financial institution).
  7. Do not click on “your computer is infected” popups or call numbers associated with them. Generally, this is simply a scam trying to get you to pay for the malware to be removed, but sometimes people have been tricked into giving remote access to their systems. Oh, and Microsoft will never call you saying they’ve detected an infection on your computer. This is a long-running scam.
  8. Use strong passwords. If you have problems remembering all of your passwords, use a password manager. Avoid using the one built into your browser, as it tends to be less secure and makes it easy for anyone who gets access to your laptop to get into all of your accounts. Log out of websites when done.
  9. Make sure that any website you connect to shows https, not just http, especially if you plan on entering financial details or your credit card number. Avoid doing financial and sensitive transactions on public wi-fi or computers.

Have more questions about malware? Drop us a line in the comment section below

Get Surfshark for $1.99/mo, to protect yourself from malware

30-day money-back guarantee with every plan