How Malware Spreads

The dreaded malware we all love to hate.

No one likes it when their computer or network is contaminated with malware.  How malware spreads, can sometimes be a bit of a mystery to some users, as most people would see that their computer is acting weird and they don’t know why.  Questions like…” why is my computer moving so slow?” or “does my computer have a virus or something?” starts to surface, and you have no idea how it happened.

I’ll be focusing more on how malware spreads, and what you can do about it.

Before we go any further, I’d like to give some substance to the term “malware”, so you can get a better understanding of what it is.  Malware is software whose primary purpose is to cause harm to your computer and network.  Whether in the form of phishing to steal your information, or a virus to cause your computer to crash, the outcome is the same, bring harm to your computer.

Hopefully, by the end of this article, you’ll be more informed about malware and what to do to prevent it from infecting your systems.  Now let’s get into the top ways malware can spread from computer to computer.

Storage Devices

how malware spreads

A common way that malware can spread from device to device is through storage devices like external hard drives or USB flash drives.  We all tend to want to pack as much data as possible on our external hard drives or USB drives, and not think much of what we’re putting on there.

Then take that same device and plug it into another computer, without much thought.

Well if any of the files on your hard drive happens to be infected with malware of any kind, that device is considered “infected”.  The moment you start plugging that device into other computers, you’re now infecting those other computers with that device.

Ensure that you have antivirus software that does a scan of the drive on your computer before you plugin that device to transfer data.

Spam Emails

This is one of the main ways malware spreads.  Hackers love to send spam emails because they work.  Users are easily enticed to click on a link they weren’t sure about but wanted to explore a bit to see where that link will take them.  Heck, I’ve even fallen for this a few times, and I’m a techie.

So anyone can fall prey to this particular tactic. 

The two types of malware that get sent through spam are Ransomware and Trojans.  Both of which can be dangerous and very expensive if you get infected by them.    

So please be careful NOT to open emails that you are not sure about.

This falls under the category of Phishing, which I wrote about and mention a few tips on how to not become a victim of a phishing attack.

Downloading Bad Software

how malware spreads

Downloading bad software from the internet is a sure way to spread malware to your computer.  By “bad software”, I’m talking about software that was illegally pirated or cracked so you can get it for free.

Websites that are notorious for housing this bad software are torrent sites.  Torrent sites are websites that allow you to download software and other types of data from other users who have shared that data on the internet from their server. 

However, torrent sites are very credible.  The source from which you are downloading software or data could have all sorts of infected files associated with the files you are downloading.

So again, if you are going to download unauthorized software or data from these types of websites, make sure you have some form of security software installed to scan these files before you open and use them.

Hacked Social Media or Email Accounts

Have you ever received a weird private message from one of your friends on social media?  Or an email came to you from one of your friends but seems like it was a bit bizarre.  The email you received is asking you to check out some links they’d like you to see.

And it’s usually associated with money.  Like a cool way to make some money fast, or something of that nature.  Or maybe it’s trying to send you to an inappropriate site.

These are examples of accounts that were hacked, and the hacker is then sending messages to all the contacts, pretending to be that person.  If this happens to you, and you received one of those weird emails from your friend or colleague, contact them using other means, and verify that it was in fact them who sent the message.

The thing is, hackers are smart enough to actually keep interacting with you if you reply to that message, and will continue to play the role of your “friend”.  They’ll continue to play along and say things like “yeah it’s pretty cool, check it out” (talking from experience here…and not proud of it).

So don’t attempt to communicate with them through that same channel.  Instead, try calling or texting that friend or colleague to verify it’s them.  And say “hey I got this message from you, was it you that sent it?”, and let them tell you for sure.

Now let’s move on to identifying the different kinds of malware out there.

Types of Malware

How Malware Spreads

There are many types of malware that are out there, but I’m going to share the most common ones that do the most harm. 

Computer Virus

This is the most common type of malware you will come across and hear about.  A computer virus is a program that’s created to alter the way a particular program is operated, usually in a bad way.  It essentially replicates itself by inserting its own codes into that program.  Now that infected program infects all other programs that are affiliated with it.

This cycle continues until an entire system is compromised with infected files.

Common signs to know that your system is infected with a virus are:

  • Altered performance:  A particular program is not running like it normally does.  Usually, you’ll notice that the program is slow to respond, non-responsive, or a combination of the two.
  • Pop-ups: Not as common today as in the past, but pop-ups are a dead giveaway that your computer is infected with a virus.
  • Drivers Don’t Work: Software that allows your computer to communicate with the hardware is called drivers.  Examples could be drivers for a printer/scanner or even drivers for the Operating System.  A virus can affect these drivers and prevent your hardware (i.e. printers, scanners, hard drives) to work.


As I’ve mentioned before, this type of malware has been creating all types of havoc for businesses and Government entities alike in the past recent years.  Ransomware is malicious software that locks you out of your computer and/or network by encrypting the files.  And the only way to un-encrypt those files is to pay the hacker a ransom, usually in the form of Bitcoin.

I believe this is one of, if not the most dangerous and expensive form of malware.  We’re talking entire companies get shut down because their data has been encrypted by ransomware.  And the crazy thing is you still put your company at risk by paying the ransom amount that is demanded.

Because the reality is that the attacker still can have access to files if they have the “key” to unlock those encrypted data. 

The best approach to solving this issue is to rebuild from your clean backups.  This is why it’s so important to always have continuous backups going.

The other important thing to understand about ransomware is that it’s initiated by the user, most likely from an email of some kind.  Here’s a video that gives a pretty good breakdown of ransomware and what we can do to better protect ourselves.


Although we don’t hear much about this particular malware, it’s still alive and well.  Spyware operates a little in stealth mode.  It’s malicious code designed to gather information from your device.  That information is then brought back to the hacker who can then use that information to do “bad things”.

As long as you’re connected to the internet (which…let’s be honest, all of us are) you’re at risk of some form of spyware.

Here are two main ways hackers can use spyware to get on to your computer (there are many more of course):

  1. Trojans:  This is also a type of malware that I mentioned before.  Hackers will disguise a Trojan software to make it look like it’s legit and safe to download.  Users then download this software, thinking all is well, and then discover their systems are infected later on. Sometimes it’s hard to see with the naked eye, but what you can pay attention to is the source you’re downloading that software from.
  2. Adult and Gambling Websites: These types of sites are filled with all types of ads and malicious codes that can seriously infect your computer with all types of spyware.  Interacting with these types of websites almost guarantees your computer gets infected, unless you have protective measures in place.  Such protective measures would include having an antivirus installed to block spyware…possibly even block the entire website.  

How to Protect Against Malware

Protect against malware

Now that we’ve covered several areas on how malware spreads, let’s change gear a bit and talk about how you can protect yourself against malware.

The first and most obvious protection I would recommend is installing security software that acts as a barrier between your computer and the internet.  There are many to choose from, however, the ones that I would recommend are Malwarebytes, Norton, Bitdefender, or Kaspersky.

Anyone of these security software will give you the protection you need to ward off malware.

Also, Malwarebytes is the only security software that I know of that you can install other security software alongside it, on the same machine.  Most security software/antivirus does not play well with each other when you put them on the same machine.

You can use the duo combination of Malwarebytes and another security software to make it a one, two punch to protect against malware.

Updates are important as well.  Ensure both your security software and your Operating System are receiving automatic updates.  Updates are the patches used to cover up the holes hackers exploit to infect your machines with malware.

The next protection method I have mentioned before is to NOT click on links from unrecognized emails.  This one I can’t stress enough because it’s so important.

This is a primary method hackers use to infect your computer.  If you’re not sure, verify the source manually by doing a little research, or ask your tech person what you should do.

Finally, only download software from reputable websites that you can trust, even if you have to pay for it.  In fact, if you have to pay for that software, it’s probably a good chance it’s legit and coming from a trusted website.  It’s the “free stuff” that’ll get you because they come riddled with all types of malware.

So be vigilant, be smart and be proactive to protect against malware.  Doing so will reduce your chances significantly of becoming a victim of a malware attack.


antivirus, malware, Malwarebytes, spam, spyware, virus

You may also like

How to Restore a PC Computer

How to Restore a PC Computer
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}