What is threatware? Meaning, causes, and protection

Threatware is any type of program that was created to steal or destroy a person’s data. It’s essentially an alternative term for malware, so it includes all the malicious software out there, like viruses, worms, or trojans.

A threatware attack happens when cybercriminals use threatware as the primary tool to compromise, exploit, or harm their target. The target could be a person, system, device, network, or data. The attackers use sophisticated techniques and different kinds of malware to get access to their victim’s devices or data.

Threatware, like all malware, can be delivered in multiple ways, and it typically depends on human error and the exploitation of technical vulnerabilities. Common methods include drive-by downloads, software bundling where threatware is packaged with legitimate software, malicious online ads, downloads from peer-to-peer networks or torrent sites, or even fake antivirus alerts.

Can you get threatware from an email attachment?

Yes, threatware might end up on your device through email, just like many other malicious software. Email attachments have long been a highly favored delivery method for cybercriminals. It’s very easy to send thousands and even millions of emails, and people often don’t check the emails and their attachments before interacting with them.

By using social engineering techniques like spear phishing, the attackers target specific individuals with tailored messages that make their deceit more convincing. The malicious files attached to these phishing emails are masked as regular files — Word documents, spreadsheets, PDFs, JPGs, and other common files. Once executed, these files install malicious software on your device.

Here are some tips on how to avoid falling for phishing emails and how to prevent threatware from getting on your device:

• Verify the sender. Before downloading and opening any attachments, double-check the sender and their email address. Ensure the attachment comes from a known and trusted source.
• Be skeptical of unsolicited emails and attachments. If you weren’t expecting to hear from the person and they’re sending you a file, it’s best to verify with the sender through a secondary channel before opening anything.
• Update regularly. Ensure your operating system and all software are regularly updated. Updates often contain patches for known vulnerabilities that cybercriminals might exploit.
• Educate yourself. Familiarize yourself with the latest phishing tactics and fake email strategies. Awareness is one of the best defenses, and you must keep up with the cybercriminals to stay safe.
• Use email filtering. Many email providers offer filters that can help identify and hide potential spam or malicious emails. But don’t depend on them too much — sophisticated phishing emails may bypass any filter you are using.
• Click carefully. Be present while you browse — don’t just click any ad or link to see what happens. Stay on the safe and reputable side of the internet as much as possible.
• Don’t use third-party app stores. Download software from official app stores or directly from the developers. Getting it from random websites or stealing it through file-sharing platforms is a surefire way to get threatware.
• Use security software. Try NordVPN’s Threat Protection — it will scan the files you download on your browser and delete them if they’re found to be malicious. If you use a PC, Threat Protection will also notify you about fake double file extensions and let you know if any of your software has a known vulnerability.