IT security at the University of Bern

Malware: Beware of viruses, worms, and trojans!

Malware burrows into your computer, laptop, or smartphone. Through it, third parties can access your system and steal or manipulate your data without being noticed. Updates, the latest antivirus software, and a bit of caution when using the internet and email can protect you.

Malware in emails or on the internet

Malware refers to computer programs that carry out unwanted actions on your computer, laptop, or smartphone. The main types are viruses, worms, and trojans. They are programmed for various purposes: spying, theft of information or money (online banking), and much more.

Over 350'000 new malware programs are discovered every day (source: AV-Test). In most cases, a system becomes infected through an email or while you are surfing the internet. Particular care should be taken with downloads or links in email attachments or files on questionable websites.

A worm is an independently executable program that copies itself to other computers. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program to cause damage.

Computer worms can arrive as attachments in spam emails or instant messages. Once opened, these files can link to a malicious website or automatically download the computer worm.

Worms can modify and delete files, and they can even inject additional malicious software onto a computer. Sometimes a computer worm's purpose is only to make copies of itself over and over - to overload a device or network. In addition to wreaking havoc on a computer's resources, worms can also steal data and allow a hacker to gain control over a computer and its system settings.

A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network.

A Trojan seeks to deceive you into loading and executing the malware on your device by pretending to be the game you want or the song you like so much. You might also, for example, think you've received an email from someone you know and click on what looks like a legitimate attachment. But you've been fooled. The email is from a cybercriminal, and the file you clicked on - and downloaded and opened - has gone on to install malware on your device. Once installed, a Trojan can perform the action it was designed for.

Trojans usually are employed by cyber thieves and hackers trying to gain access to users' systems. They can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system.

A computer virus is a self-propagating computer program that infiltrates other computer programs and reproduces itself. The classification as a virus refers here to the distribution and infection function.

Once started, it can make uncontrollable changes to the status of the hardware, the operating system, or other software (damaging function). Computer viruses can compromise computer security through functions their creator intended or did not intend, and they are classed as malware.

The term computer virus is colloquially also used for worms, ransomware, rootkits, spyware, and trojans since there are often mixed forms, and for users, the difference is barely recognizable.

How to protect yourself against malware:

Updates minimize security loopholes for malware. Programs and operating systems are constantly improving: prettier designs, more features, and often improved security. You can access these improvements by installing an update on your devices. 

Be skeptical about emails from senders you don't recognize. You should also be wary of emails with unusual content from people you know. Don't download attachments, and don't click on links in emails that look strange to you. Call and ask if you have any doubts.

Use antivirus software and always keep it updated.

If you want to download a program from the internet, download it from the manufacturer's website. Always check the internet address and page information.

How my device gets infected with malware:

You receive an email with an attachment or a link. The attackers want you to open or download a document or click on a link to install malware on your device. Here are three typical methods used to manipulate you:

Threat: You forgot to pay a bill (check the attachment!). You signed a contract.

Curiosity: A whistleblower is passing secret information on to you. Someone is accidentally informing you of salaries or strategies. A video that supposedly shows you.

False identity: Julian Assange, a service provider, a collection agency, a major bank, a well-known company, or an applicant.

You're browsing a website, and suddenly a pop-up appears and asks you to install an update - for Firefox, Chrome, Edge, or something similar. Or you're asked to download Adobe Flash Player or another "special" player.

Usually, you're told that you can't keep browsing or can't keep using the website's services without the player's update. The attackers are pressuring you.

Updates are important but usually automatic. Only trust update messages that come from your operating system or from the programs themselves, never from pop-ups on a website.

There are fraudulent websites that imitate the sites of well-known companies to appear trustworthy. They lure internet users looking to download a specific program or film to their page. Even Google/Bing search results, especially advertising links, are not always an indicator of reliability.

You often get what you were looking for - plus some malware. You don't even notice that your device has been infected.
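
What "check the internet address" means in practice, as an added example that is not part of the original page: this Python sketch judges a download link by its host name alone and rejects the usual disguises used by imitation sites. The allow-list entry and the sample links are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the domains you consider official for the software you want.
OFFICIAL_DOMAINS = {"mozilla.org"}

def check_download_url(url, official=OFFICIAL_DOMAINS):
    """Return (ok, reason) for a download link, judged only by its address."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False, "malformed address"
    if parts.scheme != "https":
        return False, "not https"
    # Everything before '@' is login data, not the site: a classic disguise.
    if parts.username is not None or parts.password is not None:
        return False, "text before @ hides the real host"
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host"
    # Look-alike letters from other alphabets, raw or punycode-encoded (xn--).
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "look-alike characters in host"
    # The real site is decided by the END of the host name, not its start.
    for domain in official:
        if host == domain or host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host is not an official domain"

# Constructed sample links; downloads.example is a placeholder domain.
SAMPLES = [
    "https://www.mozilla.org/firefox/",
    "https://mozilla.org.downloads.example/firefox.exe",
    "https://www.mozilla.org@downloads.example/firefox.exe",
    "https://mozill\u0430.org/firefox/",   # Cyrillic 'a' instead of Latin 'a'
    "http://www.mozilla.org/firefox/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(check_download_url(link), link)
```

A passing check only says the address belongs to the expected domain; it says nothing about the file itself, so the antivirus scan still applies.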

Do you believe your device has been infected? Don't panic.

  1. Disconnect from the internet by disabling the WiFi and/or wired network connection and/or unplugging the network cable.
  2. Did you download a document or program? Delete it.
  3. Start your antivirus software and perform a system scan.
  4. Talk to your IT department if possible.

How can you tell if your device has been infected? Possible signs:

  • Your antivirus software reports an infection.
  • Error messages when starting or shutting down the computer.
  • Your computer no longer runs stably and crashes frequently.
  • Slow system, constant load on the RAM and/or processor, constant hard drive activity.
  • Antivirus software is disabled (even after you explicitly activated it).
  • The website of one or more antivirus software providers can no longer be reached.

You can find more information at "e-banking, but secure!".

Current attack scenarios:

Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again.

Ransomware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message, or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.

Typical attacks usually ask for $100 to $200. Other attacks seek much more, especially if the attacker knows the data being held hostage can cause a significant direct financial loss to a company. As a result, cybercriminals who set up these scams can make big sums of money.

No matter what the scenario, even if the ransom is paid, there is no guarantee that computer users will be able to fully access their systems again. While some hackers direct victims to pay through Bitcoin, MoneyPak, or other online methods, attackers could also demand credit card data, adding another level of financial loss.

Don't pay the ransom. Keep in mind that you may not get your files back even if you pay a ransom. A cybercriminal could ask you to pay again and again, extorting money from you but never releasing your data.

In 2016, European police forces joined forces in the fight against ransomware. Read more on nomoreransom.org.

Detailed statistics about ransomware and the estimated financial damage it causes can be found here.

Scareware includes programs that are designed to fool the computer user into believing in a danger that does not exist.

The most famous form is counterfeit antivirus software, which reports countless viruses on the computer. To remove the alleged pests, the user is told to purchase a paid program. The goal is to exploit the fear of computer users and to earn money with fake antivirus software.

Spyware is a type of malware. It infiltrates your computing device, stealing data and sensitive information.

Spyware is used for many purposes. Usually, it aims to track your internet usage data, capture your credit card or bank account information, or steal your personal identity. Spyware is like a mirror for criminals. It monitors your internet activity, tracks your login and password information, and spies on your sensitive information.

Some spyware installs additional software or changes the settings. It's important to use secure passwords and keep your devices updated.

Spyware can affect PCs, Macs, and iOS or Android devices. Although Windows operating systems may be more susceptible to attacks, attackers are becoming better at infiltrating Apple's operating systems as well.

Some common ways your computer can become infected:

  • Accepting a prompt or pop-up
  • Downloading software from an unreliable source
  • Opening email attachments from unknown senders
  • Pirating media such as movies, music, or games