How can you get infected with malware?

En
10

What are the possibilities that I can catch malware on a laptop on the Internet without my being aware of it?

Can you catch malware on your laptop by only logging into a dubious website, i.e. Already during the login process?

Would Windows 10 immediately detect this malware?

Ne

Well In order to download malware onto a laptop, you first need a connection to the laptop. This can come about simply by visiting poorly protected sites.

It would also work over poorly protected networks or a direct connection to the laptop.

Depending on whether the malware is easily recognizable or not, Windows (or a protection program) can recognize it or not. That depends on the quality of the protection and the invisibility of the malware.

What interests me a little more, why do you ask about it? XD

Vi

There are a couple of ways. If that interests you, then take a look at pentesting and cyber security.

I don't want to write more about it here. Also keep in mind that hacking devices that do not have the express consent of the owner is illegal!

po

Website, download, mail attachment, hidden in a photo.

En

I don't want to hack someone else's device; I'm concerned with whether I could be hacked as soon as I log into a site that I can't necessarily trust

En

My question is about whether I could be hacked while logging in as soon as I log into a page that I can't necessarily trust.

Ne

Theoretically, a virus or malware can already be downloaded when visiting a poorly protected or ominous website.

And depending on how invisible the malware is, it may or may not be detected by Windows or the protection program.

Vi

Simply logging in (with a modern web browser) should actually not cause anything to happen (i.e. Not malware directly). But I could make a website like facebook-auth.com, and then send mails with texts like please confirm your Facebook password at facebook-auth.com. And facebook-auth then looks 1 to 1 like facebook and saves the passwords in my hacker database. From there I can of course go further. I could assume, if your facebook account email is tollerTyp@mail123.com, that you used your facebook password there too. And already I have your email. Then a quick search in the mailbox for registration emails with the hope that you have used your Facebook password there and zack, I have all (many) of your accounts.

En

Thank you for the detailed answer!

Ru

By z. B. You're on Girlfriend without AdBlocker here.

Most malware is delivered via so-called drive-by download via hacked advertising networks.

And like every user here on Girlfriend, you have of course agreed to the data protection declaration, according to which your data may be passed on to well over 650 companies worldwide (also in South America, Asia, etc.).

This also includes many advertising networks. And if one of them is hacked, it can deliver malware.

Incidentally, the fact that you have to move on shady sides has never been true. Most of the time, regular websites that you visit every day are actually affected.

Spontaneously I come across YouTube, Amazon, the Sparkasse, and many more. A. There are regular reports on this in the relevant trade press.

By the way, antivirus software is a scam and in the vast majority of cases does not work at all. Incidentally, the above drive-by downloads are an order of magnitude less than if you download an EXE somewhere.

It is also virtually impossible for laypeople to protect themselves from it. Ideally, you use a kind of sandbox like Sandboxie, an AdBlocker and control the content of a website with browser add-ons like uMatrix, or at least with NoScript.

But especially the last point with the add-ons overwhelms most people.

Regular security updates should also be installed promptly, but all common browsers have major security holes every few days or weeks that need to be fixed.

So if your browser is considered secure today, it is almost guaranteed that it will have to be viewed as an open barn door at this point in one to three months at the latest.

In the last two weeks in particular, one emergency patch after another for Chrome-based browsers has been released. (So Vivaldi, Edge, etc.)

But Firefox too received a whole bunch of emergency patches about two to three weeks ago.

Conclusion: So layman it is difficult to protect yourself.

To start with, it's simply worth using an AdBlocker. This is pure self-protection.

The use of sandboxie is not overwhelming, but it is extremely worthwhile.

With these two measures alone, you can probably reduce your attack surface to the alcohol range.

And as I said: antivirus software is useless as it can't detect new and unknown malware for technical reasons. Manufacturers have been saying this again and again for 30 years, but that is a lie.

Any student can easily write malware that no AV software will detect. So don't spend any money on snake oil like this!

En

Thanks for the answer and the tips regarding AdBlocker and AV software. I've been using an ad blocker for years, but anti-virus software doesn't work with Windows 10.