Body
Learn what malware is, how to recognize the warning signs on your device, how to avoid infections in the first place, and what to do if you suspect your computer has been compromised.
What is malware?
Malware is any software intentionally designed to cause harm — to a device, its data, or its user. It's an umbrella term that covers a wide range of threats, each with a different objective and method of attack.
RansomwareEncrypts your files and demands payment to restore them. Backups are your only real defense.
Spyware / KeyloggersSilently records what you type, capturing passwords and sensitive information without your knowledge.
TrojansDisguise themselves as legitimate software. Once installed, they open a backdoor for attackers or deliver additional malware.
Adware / Browser hijackersRedirect your browser, inject ads, change your homepage, and can serve as a delivery vehicle for more serious malware.
Even a device that appears to be functioning normally may be infected. Some malware is designed to remain invisible, quietly harvesting credentials or data for weeks or months before it's detected.
Warning signs of an infection
None of these symptoms are definitive proof of malware — each can also have innocent explanations. But any of them warrant attention, especially in combination.
Contact IT if you notice any of these
- Unexplained slowness or crashes
- Pop-up windows, especially ones warning you're infected
- Browser homepage or default search engine changed without your input
- Programs you didn't install appearing on your device
- Antivirus suddenly disabled or failing to update
- Unexplained storage space disappearing
- Contacts telling you they've received suspicious emails or messages from you
- A ransom note or encrypted files appearing
- Unusual network activity or data usage
- Your account activity shows logins you don't recognize
How to avoid malware
Most infections are preventable with consistent habits
- Don't open attachments or click links you weren't expecting. This is the most common delivery method for malware. Even if the sender looks familiar, verify with them directly if something unexpected arrives — their account may be compromised.
- Don't plug in unknown USB drives. A drive found in a parking lot or handed to you unexpectedly is a classic attack vector. Plug it in and malware can execute before you've touched a single file.
- Only download software from trusted, official sources. Pirated software, unofficial download mirrors, and fake "cracked" apps are a leading source of malware distribution.
- Keep your OS and applications updated. Most malware exploits known vulnerabilities that have already been patched. Staying current removes the target.
- Be skeptical of pop-ups claiming your computer is infected. Legitimate antivirus software doesn't advertise itself through browser pop-ups. These are almost always fake alerts designed to trick you into installing the malware yourself.
- Back up your files. A good backup stored in cloud storage (OneDrive or Google Drive) is your recovery option if ransomware hits. See: Backing Up Your Data.
How AI has changed malware
AI has made malware faster to build, harder to detect, and more targeted
- AI writes malware that evades detection. Traditional antivirus relies heavily on recognizing known malware signatures. AI allows attackers to rapidly generate new variants that look different enough to slip past signature-based detection — sometimes mutating automatically to stay ahead of updates.
- AI crafts the delivery vehicle. The phishing email or text message that delivers malware is now personalized, grammatically perfect, and contextually convincing — making it significantly harder to recognize as malicious before you've clicked.
- AI lowers the skill barrier. Sophisticated malware used to require real technical expertise. AI tools now allow people with minimal technical knowledge to deploy complex attacks, which has substantially increased the volume and variety of threats in circulation.
The practical implication: don't rely on "it looks professional" as a signal that a file or link is safe. The delivery mechanism may be flawless even when the payload is dangerous.
Antivirus on NCU and personal devices
NCU-issued computers
Endpoint protection is installed and managed by IT on all university-issued devices. It is updated automatically — you don't need to manage it. If you receive a prompt related to antivirus from an unexpected source, don't interact with it — contact IT.
Personal Windows computers
Microsoft Defender — built into Windows 10 and 11 — is a fully capable, regularly updated security tool that is adequate for most personal use cases. It runs automatically and requires no setup.
If you install a third-party antivirus product, verify it is from a reputable vendor. Ask IT if you're unsure — some well-known antivirus brands have had significant security or privacy issues of their own.
Personal Mac computers
macOS includes built-in malware protection (XProtect and Gatekeeper) that runs silently in the background. Keeping macOS updated is the most important thing you can do. A third-party antivirus is optional for most users — if you want one, ask IT for a recommendation.
Reporting a suspected infection
If you suspect your NCU-issued device is infected — stop using it and call IT
Don't try to clean the infection yourself. Attempting to remove malware without proper tools can leave remnants, destroy forensic evidence, or make things worse. Disconnect the device from the network if you can (unplug ethernet, turn off Wi-Fi) and contact IT immediately.
Call: 612.343.4170 | IT Security Incident Form | In person: IT Service Desk, Miller Hall