How to recognize, remove, and avoid malware
Reprinted from consumer.ftc.gov
Malware is one of the biggest threats to the security of your computer, tablet, phone, and other devices. Malware includes viruses, spyware, ransomware, and other unwanted software that gets secretly installed onto your device. Once malware is on your device, criminals can use it to steal your sensitive information, send you unwanted or inappropriate ads, demand payment to unscramble data encrypted by ransomware, and make your device vulnerable to even more malware. Here’s what to know to recognize, remove, and avoid malware.
How to know if you have malware
Look for unusual behavior from your phone, tablet, or computer. Your device might have been infected with malware if it…
- suddenly slows down, crashes, or displays repeated error messages
- won’t shut down or restart
- won’t let you remove software
- serves up lots of pop-ups, inappropriate ads, or ads that interfere with page content
- shows ads in places you typically wouldn’t see them, like government websites
- shows new and unexpected toolbars or icons in your browser or on your desktop
- uses a new default search engine, or displays new tabs or websites you didn’t open
- keeps changing your computer’s internet home page
- sends emails you didn’t write
- runs out of battery life more quickly than it should
How malware gets on your device
Criminals work to get malware on your devices so they can steal personal information, like your usernames and passwords, bank account numbers, or Social Security number. They use this information to commit identity theft. If you think someone may have stolen your information or identity, visit IdentityTheft.gov.
Malware can get onto your device when you open or download attachments or files, or visit a scammy website. Your device might get infected with malware through:
- downloading free stuff like illegal downloads of popular movies, TV shows, or games
- downloading content available on file-sharing sites
- downloading files on removable storage like external hard drives or thumb drives
- clicking links in fake security pop-ups sent to your computer by tech support scammers
- clicking on ads placed by scammers on websites you visit
- phishing emails that trick you into clicking on a link or opening an attachment
How to remove malware
1. Stop shopping, banking, and doing other things online that involve usernames, passwords, or other sensitive information — until you get your device cleared of any malware.
2. Check to see if you have security software on your device — if not, download it. Find recommendations from independent review sites by doing a search online. Also ask friends and family for recommendations. Some software that claims to be security software to protect you from malware is malware, so it’s important to do your research.
3. Make sure your software is up to date. Check that all software — the operating system, security software, apps, and more — is up to date. Consider turning on automatic updates so your software always stays up to date.
4. Scan your device for malware. Run a malware or security scan. Delete anything it identifies as a problem. You may have to restart your device for the changes to take effect. Run your scan again to make sure everything is clear. If the scan shows there are no more issues, you’ve likely removed the malware.
If you’re not able to fix your device with steps 1-4, steps 5 and 6 may resolve the issue. When using either of these options, you risk losing data. If you’ve backed up your data regularly, you’ll minimize what you lose.
5. Recover your operating system. To find out how to recover your operating system (like Windows or Mac OS), visit your device manufacturer’s website. Recovering your system typically means you’ll get back a lot of the data stored on the device, so it’s a good alternative to reinstalling your operating system (step 6). That is, if it clears the malware problem. After recovering your operating system, you’ll want to go back to steps 2, 3 and 4 to ensure that you’ve removed the malware.
6. Reinstall your operating system. To find out how to reinstall your operating system (like Windows or Mac OS), visit your device manufacturer’s website. Reinstalling your system is the safest way to clean an infected device, but you’ll lose all of the data stored on the device that you haven’t backed up.
Contact the manufacturer of your device. If it’s covered by a warranty, you may be able to get free tech support — otherwise you may need to pay to get help. Before seeking help, write down the model and serial number of your device, and the name of any software you’ve installed.
When reaching out for help, remember to look out for tech support scammers. Here are two things to know to avoid a tech support scammer:
1. Legitimate tech companies won’t contact you by phone, email or text message to tell you there’s a problem with your computer.
2. Security pop-up warnings from real tech companies will never ask you to call a phone number.
If you spot either of those things, you know it’s a scam.
How to avoid malware
Scammers try to trick people into clicking on links that will download viruses, spyware, and other unwanted software — often by bundling it with free downloads. Here are ways to avoid malware: Install and update security software, and use a firewall. Set your security software, internet browser, and operating system to update automatically. Don’t weaken your browser’s security settings. You can minimize “drive-by” or bundled downloads if you keep your browser’s default security settings.
- Read each screen when you install new software. If you don’t recognize a program, or are prompted to install bundled software, decline the additional program or exit the installation process.
- Get well-known software directly from the source. Sites offering lots of different browsers, PDF readers, and other popular software for free are more likely to include malware.
- Pay attention to your browser’s security warnings. Many browsers come with built-in security scanners that warn you before you visit an infected webpage or download a malicious file.
- Instead of clicking on a link in an email or text message, type the URL of a trusted site directly into your browser. Criminals send phishing emails that trick you into clicking on a link or opening an attachment that could download malware.
- Don’t click on pop-ups or ads about your computer’s performance. Scammers insert unwanted software into pop-up messages or ads that warn that your computer’s security or performance is vulnerable. Avoid clicking on these ads if you don’t know the source.
- Scan USB drives and other external devices before using them. These devices can be infected with malware, especially if you use them in high traffic places, like photo printing stations or public computers.
If you think your computer has malware, report it to: