How to spot a malware attack on your business: 5 tell-tale signs

signs of malware attack

Like an unwanted guest causing friction at a party, malware can disguise itself, trick your employees, and cause problems for your business. Here are some tell-tale signs of malware attacks to help you detect threats and show them the way out. 

What is malware?

Malware is an umbrella term for malicious software that will harm your business systems. It’s designed to disrupt computers, networks, devices, and operations. 

5 signs of a malware attack

1. Your device’s performance will suffer

If you notice your device running slowly, crashing, or freezing, and it’s not a sluggish internet connection or because you’re next in line for a new machine from IT, then it might be malware knocking at your door. 

It’s difficult to define how obvious and extreme the disruption will be, as this depends on the type of malware. Some types will use up most of your computer memory, making it extremely frustrating to use your machine or run standard programs and apps like Microsoft Excel or web browsers.

2. Your interface will look different

If you notice your search engine wearing fancy dress, beware. We don’t mean a change like Google Doodles – look out for your default browser changing or redirecting you to another site, and new, unfamiliar browser extensions. This is known as browser hijacking – a malware that makes your browser malicious to compromise your systems.

Malware can also change or delete files, folders, or desktop icons, so if something looks odd or out of place, exercise caution. 

Want to improve your cybersecurity but not sure where to start? Check out our free guide to protecting your business on a budget.

3. Mysterious communications

Like someone sending a party invite on your behalf, malware can allow hackers to send emails, messages, or post on social media without your knowledge or consent. Keep an eye on any company or personal accounts you access from work devices to make sure all posts are legitimate. Check your email sent box, too. 

4. Unusual activity

Hackers may use malware to access your accounts, steal passwords, disable your security software to avoid being noticed, or connect to networks to compromise them. You might also notice unusual financial activity. Hackers achieve this using keyloggers – a type of malware that monitors your keystrokes, allowing cybercriminals to duplicate sensitive information like payment details and passcodes. 

If you notice any inexplicable traffic or activity on your accounts and security systems, flag the problem with your IT department or cybersecurity support provider

5. Ransom demands

More like a loud intruder than a discreet party crasher, you can’t miss a ransom demand. A hacker will use ransomware to encrypt files, or even your entire computer, to stop you from accessing what you need. The hacker will then demand you pay a ransom for decryption, but there’s no guarantee paying will result in success – 92% of companies that pay ransom don’t get their data back, so be wary of trusting the word of a cybercriminal. 

Mighty malware attacks


In 2017, NotPetya, a Russian ransomworm, went global and caused widespread damage and disruption to businesses. It encrypted files and the hackers behind it demanded ransom for decryption. The attack, which cost $10 billion in total damages, according to a White House assessment, affected behemoths like Maersk, Reckitt Benckiser, and Mondelēz.


The worm – malware that can replicate and spread quicky – first emerged in 2004, but is still active today, and has costed an eye-watering $38 billion in damages. It works by sending an email with a malicious attachment. Once opened, the attachment downloads software that mines for email addresses and sends the virus to all your contacts, perpetuating the problem. MyDoom has also been used to take control of users’ computers and launch distributed denial of service (DDoS) attacks. In 2004, it took down Google for an entire day.

Show malware the door

Now you know the signs of a malware attack, what should you do if you experience one of them? Here are some quick actions that will help to slow or stop the spread of malware, like a bouncer protecting a venue from getting overcrowded with revellers:

  • Communicate the issue, following your business’ cybersecurity procedures
  • Disconnect from the internet
  • Don’t log in to anything 
  • Put your computer in safe mode
  • Run anti-malware software
  • Check and verify your web browser
  • Remove suspicious browser extensions
  • Clear your web browser cache

It’s vital that you communicate the incident to the colleague, department, or company that looks after your cybersecurity. If you have access to a 24/7 cybersecurity monitoring, check with your provider, they may already be aware of the problem and working to solve it. Either way, working together and communicating effectively will help you to keep the malware at bay and limit damage to your company data.

Cost of living CTA 3