What Is Malware?

Quick Answer

Malware can infect your devices and then lock the device, take it over, record what you type or do all sorts of other fraudulent things. Stay safe by keeping your devices updated, using antivirus software and being aware of attackers’ tricks.

A man looking through a pair of binoculars.

Experian, TransUnion and Equifax now offer all U.S. consumers free weekly credit reports through AnnualCreditReport.com.

Malware, short for malicious software, is a broad term for various types of nasty programs and computer code. Hackers, scammers, fraudsters and other bad actors might use malware to gain access to or take control of networks and devices, including computers and cellphones. To avoid the worst effects of malware, you can also take steps to protect yourself and remove malware from an infected device.

What Is Malware?

Malware can include different types of programs, such as viruses, worms and Trojan horses. Generally, malware could make its way onto your device when you:

  • Visit an infected website
  • Download malware that's disguised as a legitimate program or app
  • Download a malicious email attachment
  • Plug an infected USB drive into your computer

Once malware infects one of your devices, you might unintentionally spread it to other devices or people as well.

What happens next will depend on the type of malware and the attacker's goal. For example, spyware might try to stay hidden as it secretly records everything you type, the websites you visit or even your location. Ransomware, on the other hand, might make itself known right away by encrypting all your files and demanding a ransom to unlock them.

How to Check if You Have Malware

In addition to scanning your device for malware, there are a few signs that might indicate your device is infected:

  • Poor performance: Your device frequently freezes up or crashes, and tasks that used to happen quickly, such as opening apps, start taking a long time. You also might notice that the device fan is always on or the device is unusually hot.
  • Low space: You're unexpectedly running out of storage space on your hard drive.
  • Low battery: The battery starts to drain much faster, even though you haven't changed how you're using the device.
  • Increased data usage: If you monitor your device's data usage, you might see it increase as the malware sends and receives a lot of data.
  • Unexpected charges on your phone bill: Some malware makes calls or sends texts to premium numbers, or subscribes you to new services, and the charges get added to your phone bill.
  • Your settings change: Malware might change your device or internet browser settings, perhaps deactivating security protections or changing your default search engine.
  • You get lots of pop-ups: Some malware sends pop-ups to your device, perhaps prompting you to click on an ad that will then download other types of malware. There are even pop-ups with fake virus warnings. These prompt people to contact a tech support line that's actually run by scammers who may then trick you into installing other types of malware, giving them control of your device or paying them to "fix" your device.

Unusual activity in your financial accounts or charges on your credit card might also be a sign that your device is infected with malware, or that someone has stolen your account information using a different method. Either way, you can take steps to report the fraud and secure your accounts.

How to Remove Malware

If you suspect your device is infected with malware, don't log in to any of your accounts—especially financial accounts or online accounts that have stored bank or credit card details. Try to address the problem immediately to limit how much information the attacker might be able to steal.

  • Update your devices. Many phones and computers have built-in protections that can block, detect and remove malware. Update your operating system to the latest version to help your device find and remove malware.
  • Run an antivirus or anti-malware scan. Antivirus software, also called anti-malware software, can scan your device for malware and delete it. Some popular options even have free versions available. Just be certain that you're going to the official website to download the software—some malware might try to redirect you to look-alike websites to keep you from removing the malware.
  • Reinstall your operating system. If you're unable to find and remove the malware and you're certain that your device is infected, you may need to reinstall the operating system. This can effectively wipe everything from your device, including the malware. Be sure to back up any important documents, photos or videos stored on your device before reformatting.

You can contact a tech support company if you want help reinstalling your operating system. They also may be able to help you back up files that you want to keep. But search for options on a different device—you don't want the malware to redirect you to "tech support" that's part of the scam.

How to Avoid Malware

There are two important aspects of avoiding malware: making sure your devices have the best defenses in place, allowing them to detect and block malware, and being mindful of how you use and interact with your devices.

Some of the best things you can do are:

  • Keep your devices and apps updated. Keeping your devices and apps updated can block malware from infecting the device.
  • Use antivirus software. In some situations, third-party antivirus programs might help keep you safer than the free defenses that come with your operating system.
  • Delete old apps. You may want to delete apps that you no longer use. Attackers might be able to find vulnerabilities in old apps or take over apps and then release updates that contain malware.
  • Don't click on links. Be skeptical of links that people send you by text message spoof an email, email or on social media. Even if the message comes from someone you know, their device could be infected and sending messages without their knowledge. Attackers also might spoof an email or text message to change the sender's display name to a well-known company, government agency or someone you know personally.
  • Don't download email attachments. Similarly, don't download email attachments that you aren't expecting. Sometimes, the sender might try to trick you by claiming they're an important invoice or receipt.
  • Don't plug in USB devices you find. You don't know whether the USB drive you find at an airport, conference or anywhere else is infected. Best to leave it alone.

Of course, context matters. If you're already having a back-and-forth conversation with a friend and they send you a link or file, it will likely be safe. But if you get an unexpected message from them with a link and no context, it might be worth asking if they meant to send that before clicking.

Stopping Malware Is Only Part of Staying Safe

Attackers can use malware to extort victims and steal personal information. But there are other methods and tools to be aware of as well. Here are a few resources that might help you stay safe and avoid identity theft, scams and fraud.

  • Review this checklist to protect yourself from cybercrime and scams.
  • Get a free dark web scan from Experian and check to find out whether your personal information was already leaked in a data breach.
  • Run a free personal privacy scan from Experian to find out what other people might be able to find out about you on the open web.

You may also want to use Experian's free credit monitoring to get notified of changes in your credit report. Or sign up for a paid premium membership for an identity theft protection service that monitors additional databases and accounts for signs of identity theft or credit fraud.