23 July 2021, Kathmandu
With the increasing use of the internet and digital, various means of cybercrime have started appearing. Malware is one of them. Which is becoming a challenge for everyone in today’s digital world. So here we are informing you about the malware prepared by the Nepal Telecommunication Authority, the regulatory body of the telecommunications sector.
Malware: Malicious Software is a hacker-created program used by hackers/cyber criminals to corrupt and destroys other computers and computer systems via email/Internet and pen drives or infected computers.
There are different types of malware such as Spyware, Ransomware/Crypto-malware, Adware, viruses, Trojan, worm, Bot & Botnets, Rootkits, Keyloggers, Spam/Phishing, etc.
- Unsafe file attachments received via email and click on the link
- When using an infected pen drive to transfer/copy files
- By clicking on Pop-Up Window/Banner under Visited Website
- Unsafe attachments found on Facebook, LinkedIn, WhatsApp/Viber and clicking on links
- When downloading freeware/shareware and pirated software, music video, malware is downloaded and installed on the user’s computer/mobile.
What harm can malware do?
Once malware is installed on a computer, it monitors the day-to-day activities of the computer user and encrypts all important data without the user’s knowledge and access to financially and personally sensitive data from hackers/cybercriminals. As a result, the computer system may not work.
How to stay safe from malware?
- Don’t use unsafe websites like freeware, pirated software/game, free music/video, pornographic content available. When visiting such unsafe websites, do not click on the link for promotion in the Pop-Up Window / Banner and do not download Freeware/shareware and Pirated Software, Music Video/games from such websites.
- Don’t click on suspicious ‘attachments’ and links on social networks like Facebook, Twitter, Linked In, and WhatsApp/Viber.
- Do not open the computer and computer system if you think the link and ‘attachment’ are suspicious by just clicking or opening the email internet link and ‘attachment’ correctly.
- Let’s not accept cookies requests from insecure websites, let’s ignore them.
- If for some reason the computer and computer system is hacked and the hacker encrypts the data and the hacker demands payment for the data decryption, let’s not pay such a hacker. Paying the hacker is not likely to decrypt the data.
- Don’t use useless pen drives on computers and computer systems.
- Use Security Browser Add on Tools like Netcraft to identify unsafe websites.
- Make regular backups of important data stored on computers and computer systems.
- Perform regular scans on computers and computer systems using Anti-Virus / Anti-Malware Spam Filter.
- Always keep the computer and computer system’s firewall active “ON”.
- Update the operating system, Anti-Virus / Anti-Malware / Spam Filter regularly, including the software used in the computer and computer system.
- Avoid open Wi-Fi (unsafe Wi-Fi) as much as possible.
- Email Keep abreast of new virus/cyberattacks spreading through the internet. Let’s also inform others about it.
- Let’s use strong passwords on computers, computer systems, and digital accounts. Let’s change the password from time to time.
- Protect computers and computer systems by using Multi-Factor Authentication (such as Two Factor Authentication, Mobile Number, OTP, Fingerprint, etc.).
- Do not reply/respond to messages, phone calls, etc. sent via email/internet with prizes, gifts, lotteries, visas, etc., showing various temptations or threatening messages.
- Don’t send details like Password, OTP, Bank Account Number, and PIN code through e-mail.
- Do not share Personally Identifiable Information (PII) including Login Credentials (User Name and Password), Bank Credit Card Number, Citizenship Number without identifying any website well. Only share your details by identifying the official website.
- If you have any doubts about the emails or websites that you have received, please reply only by contacting the concerned organization by phone, by identifying the person sending the email or the organization well.