The 5 Best Antivirus for Windows 10 PCs of 2020
Short on time?
This is the best antivirus of 2020:
Norton – Perfect antivirus protection and a ton of bonus features: A free and unlimited VPN, a password manager, webcam protection and parental controls.
Why do you need antivirus software? Your safety is at risk. Every Windows PC is hackable. Every click is trackable. By buying the best antivirus software, you restore your security and privacy. And equally important, you restore your peace of mind. Your device will be safe from malware. Your passwords will be safe from hackers. Your internet activity will be private from advertisers. And your children will be safe from inappropriate content on the web.
How to choose the best antivirus? We are here to help. We have been testing and reviewing security software for Windows, Mac, Android, and iOS since 2014. Below, we have selected the best 5 from over 50 antivirus apps. Being armed with anti-malware, webcam protection, password managers, virtual private networks (VPNs), parental controls, game boosters, and anti-trackers, these are the Swiss army knives of the cybersecurity industry.
So what are the best antivirus for Windows 10 PCs?
1 / Most Popular
The best antivirus for 2020. Antivirus, firewall, VPN, password manager and webcam protection.
- Malware Protection 100%
- Online Privacy 100%
✓ 60-day money-back guarantee
✓ VPN: Free and unlimited
Excellent protection. Antivirus, firewall, VPN, password manager and webcam protection.
- Malware Protection 100%
- Online Privacy 96%
✓ Windows, Mac, Android, and iOS
✓ 30-day money-back guarantee
✓ VPN: 200 MB per day for free
Excellent protection. Antivirus, firewall, VPN and a password manager.
- Malware Protection 99%
- Online Privacy 94%
✓ Windows, Mac, and Android (not iOS)
✓ 30-day money-back guarantee
✓ VPN: 150 MB per day for free
Very good protection. Antivirus, firewall and an optional VPN.
- Malware Protection 100%
- Online Privacy 76%
✓ Windows, Mac, and Android (not iOS)
✓ 30-day money-back guarantee
✓ VPN: Not included for free
Very good protection. Antivirus, firewall, VPN and a password manager.
- Malware Protection 93%
- Online Privacy 56%
✓ 30-day money-back guarantee
✓ VPN: Free and unlimited
The full reviews
Below you can read more in our reviews of the best 5 antivirus of 2020.
Verdict: Perfect protection, and the best privacy features
- Perfect anti-malware for Windows: Norton discovered 100% of the 10,249 malware samples in the Malware Detection Test.
- No impact on the speed of your PC: Norton scores 97.3 in the PC Mark performance test. This means that it doesn’t impact the speed of your PC.
- Anti-phishing: Receive a warning before accessing a fraudulent website that tries to steal your sensitive data, like credit card details.
- Firewall: When connected to the internet, suspicious traffic gets blocked from accessing your PC, so that it can’t access your files and data.
- Password manager: Create strong and unique passwords for each of your accounts, and store them in a secure vault.
- Free and unlimited VPN: Surf the web anonymously by encrypting your internet connection and hiding your IP address.
- Webcam protection: Block spyware and hackers from unauthorised access to your webcam.
- Parental controls: Filter what your kids do online, set time limits on screen time, and more. Norton’s parental controls are the best in the industry.
- Bonus features: Norton includes a cloud backup and a lot of identity theft protection features in its premium packages.
- No VPN on AV Plus: Norton’s entry-level antivirus, AV Plus, does not include the VPN. It’s included in 360 Standard, Deluxe and Premium.
For a more in-depth look, read Norton’s full review.
Verdict: Perfect protection, at a very good price
- Perfect anti-malware for Windows: BitDefender discovered 100% of the 10,249 malware samples in the Malware Protection Tests.
- No impact on the speed of your PC: BitDefender scored 97.1% in the PC Mark performance test. This means it won’t impact your PC’s speed.
- Anti-phishing: Receive a warning before visiting suspicious websites that are known for stealing sensitive data like credit card details.
- Firewall: Automatically block unauthorised devices from connecting to your PC and accessing your private data.
- Password manager: Create and store unique passwords for all your accounts.
- Limited VPN for free: Encrypt your internet connection, so you become anonymous online and safe from hackers.
- Webcam protection: Get a notification when apps attempt to activate your webcam and block their access.
- Parental controls: Remotely limit screen time and filter inappropriate websites for your children.
- Tons of bonus features: BitDefender includes anti-ransomware, anti-tracker, microphone protection, safe online banking, and much more.
- Free VPN limited to 200 MB per day: The unlimited VPN will cost extra. However, the upgrade is worth it. You’ll get a version of Hotspot Shield’s super fast VPN at a deep discount.
For a more in-depth look, read BitDefender’s full review.
Verdict: Close-to-perfect protection, at a good price
- Near-perfect anti-malware protection: Panda detected 10,245 (99.96%) of the 10,249 malware samples in the Malware Detection Test.
- No impact on the speed of your PC: Panda scored 97.0 on the PC Mark performance test. This means that it will keep your PC as fast as ever.
- Anti-phishing: Receive a warning when you visit malicious websites that attempt to steal your personal or financial information.
- Firewall: Automatically stop uninvited devices from connecting to your PC or laptop.
- Password Manager: Panda has created a brand new password manager that allows you to create and store a unique password for each account.
- Free VPN: Encrypt your internet connection with Panda’s VPN – based on Hotspot Shield’s technology – to become anonymous online.
- Parental controls: Manage what your children can see and do online, and which apps they can access.
- Bonus Features: Panda has a few useful bonus features such as a dedicated USB scan and clean-up tool to speed up your devices.
- Anti-phishing less effective: Panda’s anti-phishing discovered fewer malicious URLs than BitDefender and Norton.
- Password manager app for Android only: On Windows and Mac, it only works as a browser extension for Chrome and Firefox.
- Free VPN limited to 150 MB per day: 150 MB is not a lot. If you want the unlimited version, you’ll need to pay extra or get Panda Dome Premium.
For a more in-depth look, read Panda’s full review.
Verdict: Perfect protection, but missing a few features
- Perfect anti-malware protection: BullGuard discovered 100% of the malware samples in the independent tests.
- No impact on the speed of your PC: BullGuard beat the industry average in all performance tests, meaning that your PC will stay as fast as ever.
- Anti-phishing: Get a warning before you enter a website known for stealing sensitive data such as credit card information.
- Firewall: Block any uninvited device from connecting to your PC and reading your personal data.
- Parental controls: Block website categories, such as gambling and adult entertainment, set time-limits on internet use, and more.
- Bonus features: BullGuard features a game booster, home network scanner, cloud backup, and a few other useful bonus features.
- No password manager: BullGuard does not offer you the option to create and store highly secure and unique passwords.
- No free VPN: BullGuard does not include a free version of its VPN. If you want to be anonymous online, you’ll need to buy the VPN separately.
- Expensive VPN: BullGuard’s VPN is a basic version of NordVPN, but comes at the same price. You’d be better off just buying NordVPN directly.
- Norton’s parental controls are better: Concerned parents wanting all the bells and whistles should get Norton instead.
For a more in-depth look, read BullGuard’s full review.
- Very good anti-malware protection: McAfee detected 10,242 (99.93%) of 10,249 malware samples in the Malware Detection Test.
- No impact on the speed of your PC: McAfee scores 97.8 on the PC Mark test, which means that your PC will remain as smooth and fast as always.
- Anti-phishing: Receive a warning before you access a website that is known for tricking users into handing over their sensitive data.
- Firewall: Automatically stop programs and devices from accessing your PC without your permission.
- Password manager: McAfee’s password manager, which helps you create and store unique passwords, is the best of the 5 antivirus in this test.
- Unlimited VPN for free: Be anonymous online by encrypting your internet connection and masking your IP address with McAfee Safe Connect.
- Parental controls: Block access to inappropriate websites and specific apps for your children, set screen-time, and track their location.
- Bonus features: McAfee includes performance optimisation, home network protection, encrypted file storage, and more.
- Not top-tier anti-malware protection: McAfee missed more malware samples than BitDefender and Norton in the detection tests.
- Norton’s parental controls remain the best: If you buy antivirus for the parental controls, we’d recommend Norton instead.
- Invasive VPN logging policy: McAfee’s VPN tracks what you do online. Yes, you’ll be safe from hackers, but you won’t be anonymous. Avoid this VPN.
For a more in-depth look, read McAfee’s full review.
How we test?
Therefore, we want to be transparent about the methods we use to analyse and select the best antivirus software for Windows 10 PCs.
Below are the 3 factors that we consider most important. All of them matter, but they are not equal. Therefore, each has a different impact on the final score.
Read more below to learn about each factor.
- Protection 50%
- Privacy 30%
- Speed 20%
The core function of antivirus software is protection against malware threats and phishing attacks. The German and Austrian test laboratories, AV-Test and AV-Comparatives, run several in-depth studies each year to analyse how the various brands handle these threats.
To do so, they run each of the security tools through the three tests described below. Rather than duplicate their work, we use their findings to reach the protection score for each of the brands in our comparison.
Real-World Protection Tests
The aim of the exercise is to discover how antivirus software responds to online malware threats.
This is done by browsing to a malicious URL and observing whether the URL is blocked or not. In case it is blocked, the antivirus passes the test.
In case the URL is not blocked, the malware will be allowed to execute. Should the antivirus software detect the malware at this stage (via signature or behavioural detection methods) and block its execution, the antivirus still passes the test.
If neither the URL nor the malware is blocked, then the system is compromised, and the antivirus fails the test.
Malware Protection Tests
During these tests, computers are exposed to malware via USBs and network drives, rather than the web.
After exposing a PC to a malware sample, an on-demand scan is run. Should the antivirus detect the malware’s digital signature and prevent it from executing, the antivirus passes the test.
In case it does not discover the digital signature, the malware is allowed to execute. Here the antivirus has a second attempt to catch the malware, this time using its behavioural detection features.
Should it fail to catch the malware again, the antivirus fails the test.
Phishing attacks attempt to trick users into handing over sensitive information to hackers, such as their credit card details. This is done by mimicking legitimate websites, often PayPal and banks, and requesting users to type in their log-in details.
This is an important test, because phishing attacks do not infect a PC with malware, but rather attempt to manipulate the user through social engineering and spoofing. Therefore, the antivirus requires a different skill set from detecting malicious computer code or suspicious file behaviour.
The test itself is actually quite simple. It measures whether the antivirus software, or its browser extension, warns the user when he or she attempts to access a fraudulent website. If it does not, it fails the test.
The privacy industry is taking the world by storm. At a time when governments, internet service providers (ISPs), and big data firms can track everything, consumers are craving privacy. To meet this demand, cybersecurity companies are adding privacy features to their products.
Below, we describe the most essential privacy features. Our experience in working with these tools is the basis for the privacy score in this comparison.
Virtual Private Network (VPN)
A VPN allows you to encrypt your internet connection and mask your IP address. The benefit of this is that hackers, internet service providers (ISPs), big data companies, and governments cannot see what you do online. In effect, this restores your anonymity when browsing the web.
Until recently, antivirus and VPN were separate industries. That is no longer the case. Nearly all antivirus manufacturers now offer VPN connections as part of their product. However, the way in which they do this varies quite a bit. In our analysis of the various VPNs, we test for:
- The impact on the upload and download speed, and latency (ping).
- Whether streaming Netflix and torrenting are allowed and work.
- The number of servers available and where these are located.
- The security features such as AES-256, kill-switch and OpenVPN.
- How much the VPN costs.
- Who the creator and owner of the VPN is, and what their logging policy is.
This last point – the logging policy – is particularly important. Although you are anonymous online when you use a VPN, the VPN company itself can still track what you do. After all, your online activities flow through their servers.
Of course, the VPN shouldn’t track what you do online. A VPN is a privacy product. That means privacy from everyone, including the VPN provider itself. Sadly though, many free VPN services, and even some paid ones, abuse their power by collecting and reselling your data.
So what about the companies in our comparison? Can you trust them? And are their VPNs worth your money?
Norton: A trustworthy company and a good VPN deal.
Norton built its own VPN, called Norton Secure VPN. It is included for free with all antivirus products, except for the entry-level AV Plus.
The VPN has some flaws (no kill switch and no torrenting allowed), but it’s secure, fast, works with Netflix, and has a clear no-log policy (meaning that it doesn’t track anything you do online).
And the fact that it is included for free makes it the best VPN deal among the major antivirus brands.
BitDefender and Panda: Trustworthy companies and good VPN deals.
Hotspot Shield’s VPN, which is owned by Pango, is one of the global leaders in the VPN space. It is fast, highly secure, allows torrenting and works with Netflix. It can easily compete with the other big names, like CyberGhost and NordVPN.
The VPN sold by BitDefender and Panda is a basic version of Hotspot Shield’s VPN, as you’ll miss out on several server locations and the kill switch. However, it comes at a very significant discount. Where Hotspot Shield sells its VPN at about $100 per year, you can get it from BitDefender at $39.99.
One thing to note is that, although BitDefender and Panda own your data, Pango processes it on their behalf. Luckily, Pango has a clear no-log policy, which means that none of your online activity is stored. So you can rest assured that you are completely anonymous online.
BullGuard: A trustworthy company but not a good VPN deal.
BullGuard re-sells a basic version of NordVPN’s service under its own brand name. Although NordVPN is excellent (fast, secure, works with Netflix and torrenting, and has a clear no-log policy), not all its features are available on BullGuard’s version (only 16 server locations and no kill switch).
This is not necessarily a problem, as long as the price is right, like in the case of BitDefender and Panda. After all, if you get less, you should pay less.
Sadly though, that is not the case. BullGuard’s VPN and NordVPN are priced very close to each other, which makes no sense. So if you want NordVPN’s excellent service, just get it straight from the source. Don’t pay the same for less at BullGuard.
McAfee: Not a trustworthy company and, therefore, a terrible VPN deal.
McAfee bought TunnelBear (a VPN company) in 2018. Since then, it includes its VPN (now called Safe Connect) for free in its McAfee Total Security package. Sadly though, you should avoid this VPN.
McAfee’s VPN is fast, relatively secure, and allows torrenting, but it doesn’t work with any streaming service (Netflix, BBC iPlayer, Hulu or Disney+). And to make matters worse, McAfee’s logging policy is simply terrible:
McAfee logs your IP address, location, websites you visit, links you click, and much more. It retains this data forever and grants itself the freedom to sell it to others. This is as bad as it gets. There is little difference between McAfee’s logging policy and that of your average internet service provider.
Some antivirus brands, like BitDefender, now also include an anti-tracker in the form of a browser extension. Although there are plenty of free anti-trackers on the market, it is nice to see BitDefender increasing its privacy features.
As the name suggests, anti-trackers block tracking elements such as cookies. This stops those annoying ads from following your every move online. This has the double advantage of increasing your privacy and making websites load faster.
Microphone and webcam security
Hackers are able to activate your laptop’s webcam and microphone without your awareness. This is as creepy as it sounds. Luckily, both Norton and BitDefender include webcam security as standard in their antivirus package.
Any program that continuously runs in the background requires a certain amount of resources, and antivirus software is no exception. How much it requires varies significantly, however. Where one is hardly noticeable, another might cause your system to slow down by as much as 20%.
The test laboratories AV-Test and AV-Comparatives both run performance tests, in which they measure the resources required by antivirus software to perform their tasks.
Test cases include the slowdown caused by antivirus software when copying, downloading and archiving files, installing and launching applications, and browsing websites.
AV-Comparatives runs the tests on “low-end” Windows 10 machines (i3 CPU, 4GB of RAM and an SSD hard disk), using their own in-house tests, as well as standardised performance tests such as PC Mark 10 Professional.
AV-Test runs the tests on both “low-end” (Intel i3, 256 SSD, 8GB RAM) and “high-end” (Intel i7, 256 SSD, 16GB RAM) Windows 10 machines.
We use their results, combined with our own test results, as the basis for our verdict in the speed section.
Most common features
What is anti-malware?
Anti-malware software detects and deletes any malware (malicious software) on your device. It also prevents you from downloading and installing new malware. In its war against digital threats, it has three strategies in its arsenal:
Signature-based detection: When anti-malware software identifies a potentially harmful program, it can analyze part of its code against a database that contains all known malware. Should the suspicious code match any of the malware signatures in the database, then the program is flagged as malicious. The downside to this detection method is that only known malware is in the database, which means that new malware can slip by unnoticed.
Behavior-based detection: To detect unknown malware in the wild, the behavior of software can be analyzed. Should an app act in an unauthorized or unusual manner it will be flagged as malicious. This method is at the forefront of cybersecurity and frequently relies on artificial intelligence and machine learning to detect malware.
Sandboxing: A sandbox is an isolated digital testing environment, in which a suspicious program can be allowed to execute. In this sealed-off environment, its behavior can be safely analyzed, without running the risk of it infecting the rest of the system. To not strain your device’s processing power, the sandbox analysis is often performed in the cloud.
What is anti-ransomware?
Ransomware is a modern form of malware that locks you out of your files or entire devices. It then requests payment via an anonymous method, such as cryptocurrency, to unlock them again. The best way to protect yourself from ransomware is to prevent the installation of it. There are four methods to do so:
Invest in cybersecurity software. The best antivirus programs have anti-exploit features to protect vulnerable files and prevent ransomware from holding devices hostage.
Create regular backups. Whether it’s online via a cloud storage provider, or on a physically separate hard disk, a secure backup can be a lifesaver. Whichever you choose, make sure to use an encrypted system with multi-factor authentication.
Don’t skip security updates. When your device asks you to update the operating software, do it. These are often security updates. For instance, the infamous WannaCry ransomware attack relied on a vulnerability in Windows that Microsoft had already released a patch for. However, many users simply hadn’t updated their system.
Stay vigilant. Ransomware is often installed by the end-users themselves. Through clever social engineering, people are tricked into downloading attachments or clicking links they shouldn’t. If it looks dodgy, it usually is.
What is anti-phishing?
A phishing email comes from a seemingly legitimate sender or trustworthy source and requests login credentials or payment details. These are often sent in an email blast to thousands of people at once. Because they are fairly general, they are easily spotted by digitally-savvy people.
It becomes more complex in the case of spear-phishing attacks. These are very personalized assaults that use information from social networks to target specific individuals. An email might appear to come from a colleague, superior, or spouse, increasing the likelihood of its success significantly.
Although it is incredibly difficult to safeguard you from spear-phishing attacks, anti-phishing software has become very good at protecting you from the plain vanilla phishing attacks. The vast majority of these assaults are easily prevented via:
Anti-spam: By blocking emails that are suspicious or flagged by other users as spam, the majority of phishing emails go directly into the spam folder.
URL scanning: With the help of a browser extension, antivirus software will warn you before you enter a website that is known for phishing.
Most common malware
What is Adware?
Adware is a universal name for computer programs that have been designed to display various advertisements on a person’s computer. Adware programs can redirect search requests, display unwanted ads in your browser, and even collect data like the kind used in marketing campaigns.
There can be both malicious and non-malicious adware programs. Malicious adware programs are those that collect marketing data without the user’s consent and that can’t be located on the computer. Such “invisible” pieces of software that operate behind the scenes can often get into a user’s computer through freeware programs, infected websites and emails, or remote installations through a backdoor.
What is Antivirus?
An antivirus is a type of software, initially designed to aid in the removal of computer viruses. Over the years, this type of software has evolved to the point where it can also prevent various cyber threats from getting into one’s computer.
Antivirus programs are essentially suites of tools known to protect computers against malware, viruses, hijackers, keyloggers, worms, adware, spyware, spam, phishing, rootkits, and so on. These programs use the so-called “definitions” which need to be updated regularly to ensure protection against all the latest threats. They can also use sandbox detection (behavioral-based detection), data mining, or even machine learning algorithms to detect, quarantine, and ultimately remove threats.
What is a Botnet?
Botnets, also known as zombie armies, are used by black hat hackers or crackers for a wide range of applications. In essence, a botnet is a series of linked devices (computers, smartphones, etc.), each one operating its own bot unknowingly. This kind of network can be created without the device’s owner’s consent and operated remotely by one or more individuals.
The most common use for a botnet is launching powerful DDoS attacks, stealing personal information, and sending spam, amongst other things. The combined computational power of multiple devices, hijacked and connected via bots is what makes botnets so dangerous and hard to safeguard against. Botnets can also be rented to individuals or groups that need the computing power for attacks.
What is a Computer Exploit?
The name computer exploit can refer to software, data, command sequences, or lines of code that can take advantage of a certain software or hardware vulnerability. Using an exploit, one can either gain remote access to someone else’s device or cause significant damage to their software or hardware components. This happens as a result of unintended behavior triggered by the attacker.
Computer exploits can come in various types and are typically categorized depending on the type of vulnerability they exploit. There are also both local and remote exploits. These classifications refer to the level of access one needs to use the exploit against a computer or network of devices. Zero-day exploits are the most dangerous as there’s no protection against them.
What is a Computer Virus?
A computer virus is one of the most common types of malware, affecting millions of operating systems every day. It’s essentially malware with the potential to replicate itself through the corruption of other programs, much like how the flu virus works. It inserts its own code into other programs thus infecting them and causing them to behave poorly or in a very specific way.
Not only is it one of the most damaging types of malware but it can also be costly due to how it can waste resources, corrupt important data, and even cause system failures. That’s not to mention its potential for use in identity theft, DDoS attacks, spreading political propaganda, terrorist propaganda, and so much more. Computer viruses don’t attack until the file or program they’re attached to is opened. As such, many can be removed before doing any harm.
What is a Computer Worm?
A computer worm is a self-replicating malicious program that usually spreads through entire networks, causing significant traffic disruption. While not typically created to deliver any kind of payload, as most computer viruses do, a computer worm will often be used to set up a botnet.
Worms can install backdoors on user computers. This, in turn, allows someone else to control those devices, install bots, and create a zombie network that can be used for more powerful attacks or rented to others with nefarious plans and in need of high computing power. Worms can also cause traffic disruption or make systems unreliable or unavailable due to eating up a chunk of the infected device’s computing power.
What is Computer Hacking?
Computer hacking can be used to describe two types of activities. It is sometimes used with a negative connotation when it refers to activities practiced by those with malicious intent. These individuals or groups use various computer exploits and malware programs to take control over foreign computer systems in order to either cause disruption or gain a financial advantage.
It is also a term used in association with activities practiced by coders that work against malware programs, those that create antivirus programs, firewalls, and patch various system vulnerabilities. As such, hacker is usually used to describe a security hacker while cracker is the term associated with individuals with malicious intent.
What is Cybercrime?
Cybercrime, originally named computer-oriented crime, is any crime that involves either a computer or a network of computers. If computers, networks, or other mobile devices are used either as tools to commit the crime or the intended targets, the crime is classified as cybercrime.
Also covered under cybercrime are crimes that involve the use of telecommunication networks or services (chat rooms, emails, etc.). Cybercrimes have multiple classifications depending on the actions or tools used. As such, there are financial fraud crimes that fit under cybercrime, as well as cyberterrorism, online harassment, drug trafficking, human trafficking, and others.
What is a DDoS Attack?
DDoS stands for distributed denial-of-service. This type of attack is often used to disrupt traffic on networks or individual servers. It works by flooding its targets with large amounts of internet traffic, thus slowing down their performance. A DDoS attack can be initiated against a target or a target’s infrastructure.
It is also important to know that most DDoS attacks are launched using what’s called a zombie network or a botnet. Because they can make use of multiple corrupted or compromised devices, these attacks can have devastating effects and disrupt the regular flow of data and information.
What is Identity Theft?
Identity theft is a crime in which someone deliberately uses another person’s identity as a means to gain financial advantages or other benefits, while also leaving the victim to suffer consequences for the perpetrator’s actions.
When classified as a cybercrime, it means that the identity theft happened as a result of various computer exploits, hacks, use of malicious programs or suites to gather the personal identifying information necessary to gain said advantages. Identity theft can also be used to describe actions in which a person’s personal information is used by a cybercriminal to steal money from their banking account or to open new accounts and run up massive bills.
What is a Keylogger?
A keylogger can be a hardware component or software program used to monitor and record keystrokes on a keyboard. A keylogger is usually designed to work in the background and be completely invisible to the user. Keyloggers can also be part of malicious software suites known as rootkits and set the stage for a more powerful attack.
Not all keyloggers are used with malicious intent. Some are used by companies to monitor employee activity, some by parents to monitor their kids’ online activity, while others are used in the field of cognitive writing research. However, keyloggers can also be used to steal passwords and other sensitive personal information.
What is Malware?
Malware, or malicious software, is the term used to describe any type of software designed to grant unauthorized access to devices or networks of devices. Malware can also be used to steal, corrupt, or collect data and hamper the target computer’s or network’s processing power. Some common examples of malware include adware, spyware, keyloggers, etc.
Depending on what type of malware is affecting a system, specific actions are required to contain the situation and repair the damage. This is why the best protection against most types of malware is usually a strong antivirus suite that has adware and spyware detection functionality, a comprehensive and regularly updated virus directory, and a firewall.
What is Phishing?
Phishing is one of the most popular techniques used in social engineering. It denotes any malicious attempt to illegally obtain confidential or personal information while posing as a trustworthy entity. Phishing is often done via email spoofing.
While most phishing attacks involve the use of fake websites and redirects to said websites via links or corrupted attachments, some phishing attacks are carried out the old-fashioned way. For example, voice phishing usually uses fake caller IDs and VOIP services to gain the target’s trust and extract confidential information.
Catphishing is a popular type of phishing in which the perpetrator attempts to lure the target into developing an emotional investment, with the aim of eventually getting them to send money. Law enforcement may also use catphishing techniques to catch criminals.
What is Ransomware?
Ransomware is malicious software most often used to hold various important files, programs, or entire networks hostage until a ransom is paid. It is also used to blackmail targets under the threat of releasing sensitive information publicly unless the perpetrator’s demands are met.
These types of attacks are generally launched with a Trojan virus, most likely mirroring a legitimate file that the user would download and access. What makes ransomware so dangerous is not just the difficulty of cracking decryption keys but also the difficulty in tracing back the attack to the perpetrators. That’s because most ransoms are paid in cryptocurrencies which are virtually untraceable.
What is a Rootkit?
A rootkit is usually a collection or suite of software tools designed to grant remote access and eventually control over foreign computer systems or networks. It is often used with malicious intent such as establishing a backdoor into a system. This backdoor can then be used to install other malware.
When not used with malicious intent, a rootkit program could be used to provide end-user support for various programs and applications. Because a rootkit is not classified as a computer virus or worm, it can’t spread by itself, meaning that it has to be installed directly. As such, a malicious rootkit suite is often either disguised as a legitimate program or hidden inside one.
What is a Scam?
A scam is any action that involves a fraudulent scheme carried out for the purpose of taking money, goods, or sensitive information from individuals or groups. In this digital age, more and more scams are done via the internet due to the ease of targeting multiple individuals or marks simultaneously.
Some notable examples of scams include auction fraud, phishing, donation scams, the Nigerian prince scam, catphishing, cold calls, chain mail, online surveys, and others. Scams can be targeted cons or simple steps in much larger cons that merely serve as a means to advance a scheme forward.
What is Social Engineering?
Social engineering refers to any act of psychological manipulation against individuals or groups that aims to get them to divulge confidential information or perform actions that might be detrimental to them or their organizations.
There are various types of social engineering, depending on how the manipulation is done or what it aims to achieve. Usually, a social engineering tactic is just one step in a larger con, a means to advance a plan to the next step. One of the most common tactics is that of impersonating trustworthy entities through direct contact or by phishing.
What is Spam?
Spam is the designation used for the action of sending unwanted electronic messages in bulk. While the most popular use involves sending unwanted and unsolicited emails to trick people into giving personal or otherwise sensitive information, spam can also be used in what are known as spam marketing campaigns. Spam campaigns can be initiated via a botnet and are considered very cheap, even though they don’t appear as trustworthy to most people.
Of course, the term is not used just for emails. It covers any type of unwanted electronic message sent in bulk. This includes emails, phone messages, search engine messages, blog posts, social media posts, forum posts, classified ads, and so on.
What is Email, IP, or DNS Spoofing?
Spoofing is the practice of altering communications of any form that come from unknown sources so that they appear to come from trustworthy sources.
IP spoofing is used to disguise a computer in order to gain access to an otherwise restricted network or to hide one’s activity online.
Email spoofing often involves the use of fake email accounts that look almost legit, carrying links or attachments that either ask for confidential information or lead to other websites that can spread malware.
DNS spoofing is usually done to divert traffic from trustworthy websites to fake websites that can spread malware programs. Sometimes email spoofing and DNS spoofing go hand-in-hand.
What is Spyware?
Spyware is any type of malicious software like adware, Trojans, system monitors, or even tracking cookies that can be used to collect and transmit sensitive information from individual computers or computer networks without the user’s consent.
Although spyware is typically used with malicious intent and the programs tend to run covertly without the user’s knowledge, one could also classify keyloggers as spyware. As such, not all spyware is used to steal information. Sometimes it is used to simply monitor someone’s actions to better assess their productivity, interests, or level of loyalty to their employer.
What is an SQL Injection Attack?
An SQL injection attack is often used to spoof an identity and modify or corrupt existing data. This type of attack vector is quite common and is often used against online vendors, marketplaces, or any other business that uses an SQL database. The main purposes of these attacks include gaining access to hidden data, modifying balances, and destroying data.
The attack is performed by inserting malicious SQL code into an input field so that it is executed as part of a database query. Although there are multiple types of SQL injection attacks, they are all considered to be less threatening when compared to other types of malware programs and exploits due to the constant improvements in the field of web security.
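To show why a field value that is pasted into the query text can change the query, and how a bound parameter prevents it, here is an added example that is not from the original page. It uses Python's built-in sqlite3 module; the accounts table, its rows, the function names, and the sample inputs are all constructed for illustration.

```python
import sqlite3

# Constructed sample inputs: a textbook tautology string and a legitimate
# name that happens to contain an apostrophe.
TAUTOLOGY_INPUT = "' OR '1'='1"
APOSTROPHE_NAME = "o'brien"

def make_db():
    """Build an in-memory accounts table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", 120), ("bob", 75), ("o'brien", 900)])
    return db

def lookup_vulnerable(db, owner):
    # VULNERABLE: the field value becomes part of the SQL text, so a quote
    # character inside it is parsed as SQL syntax instead of as data.
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, owner):
    # HARDENED: the ? placeholder keeps the value separate from the SQL text,
    # so the database always treats it as one string value.
    return db.execute(
        "SELECT owner, balance FROM accounts WHERE owner = ?", (owner,)
    ).fetchall()

def attempt(lookup, db, owner):
    """Run a lookup and report a database error as the string 'error'."""
    try:
        return lookup(db, owner)
    except sqlite3.Error:
        return "error"

def demo():
    db = make_db()
    return {
        # The tautology makes the WHERE clause true for every row.
        "vulnerable_tautology": attempt(lookup_vulnerable, db, TAUTOLOGY_INPUT),
        # Bound as data, the same string matches no owner.
        "parameterized_tautology": attempt(lookup_parameterized, db, TAUTOLOGY_INPUT),
        # A legitimate apostrophe breaks the concatenated query entirely...
        "vulnerable_apostrophe": attempt(lookup_vulnerable, db, APOSTROPHE_NAME),
        # ...while the parameterized query finds the row.
        "parameterized_apostrophe": attempt(lookup_parameterized, db, APOSTROPHE_NAME),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result)
```

The apostrophe case is a useful review signal: a query that fails on ordinary names such as O'Brien is usually being built by string concatenation.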
What is a Trojan Horse?
A Trojan horse is the designation for malicious software that doesn’t self-replicate or propagate itself through entire networks and appears benign in nature. There are multiple types of Trojan horse viruses and they are categorized by the type of actions they perform. As such, there are remote access Trojans, backdoor Trojans, and proxy Trojans, among others.
The typical method for propagating Trojan viruses is through social engineering techniques like phishing and spoofing. The victim unknowingly downloads them to their computer, usually attached to a seemingly legitimate file or piece of software.
What is a Zero-Day Exploit?
A zero-day exploit can be one of the hardest things to safeguard against. The reason behind this is that there is actually no way to protect against a vulnerability that no one knows about. This designation is given to exploits that are not common knowledge, meaning that only the person or persons that are taking advantage of it know about it.
Once a zero-day exploit becomes known or publicized to other coders and security experts, it is no longer called that. The exploit instead becomes known as an N-day exploit, where N stands for the number of days since the discovery of the exploit.
SoftwareLab.org is an independent software testing company. To keep our information free for you to access, we earn a referral commission when you make a purchase using one of the links below. In doing so, you are supporting independent testing, for which we are grateful. Thank you.