How to Avoid Trojan Horse Attacks

What is Trojan malware?

A Trojan Horse is a type of malware, or malicious software often and incorrectly described as a virus. What's the difference? Well, while a virus can execute by itself, a Trojan Horse must be executed by the user. A virus also self-replicates, spreading to other files and systems and corrupting as it goes. A Trojan Horse, on the other hand, doesn't, infecting only one system or device at a time. But it's just as damaging as any computer virus and is a hugely popular attack vector— Trojans made up more than 51% of all malware in 2022.

We all know the Greek myth, the story of Odysseus and his army hiding inside a hollow wooden horse, presented to the city of Troy as a gift. This 'gift' was the Greek's clever last-ditch effort to get past the Trojan's defenses which had kept the Greeks at bay for a decade. The Trojans accepted the gift not knowing they had just accepted their fate.

The Trojan Horse works in the same way— it is malware disguised as something the user wants in order to get past any defenses the user may have.

How does Trojan malware work

Trojans can affect laptops, desktops, smartphones, and tablets. They are deployed in a number of different forms such as email attachments, free software, or pop-ups. If you've ever been browsing the internet and got a pop-up telling you that your device is infected with malware and to download this antivirus software for Trojan removal...don't do it. You're likely not infected with malware but if you click on it, you most certainly will be.

You might think that's pretty obvious and easy to spot, but Trojans can be quite clever and trick you by mimicking the real deal. For example, say you get an email from a “friend” saying “You have to watch this hilarious cat video!”

You're a sucker for a funny cat video and it came from a trusted friend, so you open it. It is indeed a hilarious cat video. You laugh, close it (maybe even forward it...) and continue about your business completely unaware of what you have done.

Not only have you succumbed to a common phishing scam (yep, that email wasn't from your friend after all) but as you laughed at furry fun you installed Trojan malware without even realizing it.

Now that the Trojan has infiltrated your system it can perform any number of nasty actions from keylogging and stealing passwords, personal and private data, data modification or deletion, and installing ransomware. It can even deactivate your installed firewall or antivirus software so that it can easily infect your device with more malware.

Not to be outdone by a virus, Trojans can also spread to other computers. They do this not by self-replicating but by turning the victim's device into a “zombie computer”. This means the host computer is used to attack other computers without the victim even realizing it.

How to detect Trojan Horse malware

Now that you know what is Trojan malware, you might think it would be easy to detect. Think again. Trojans mimic legitimate software which makes it difficult to spot. But if your computer has been affected by a Trojan Horse there will be a few tell-tale signs, such as:

Increased CPU usage: If it sounds like your laptop or PC is processing when it shouldn't be, that's a pretty good sign that there is something running in the background.

Regular crashes: If your computer is constantly crashing it might be because a Trojan Horse is in conflict with other internal systems.

More spam, more pop-ups: A good indication of Trojan malware infection is an increase in email spam and browser pop-ups.

Slower system: Does your computer often freeze when you're multi-tasking? Or perhaps it has significantly slowed down. Both could be a sign of a Trojan Horse.

You may just find that your device is acting “odd”. Strange things like your mouse moving on its own or freezing, icons on your desktop looking slightly different, or your browser redirecting you to a different website other than the one requested.

If you notice any of these things, keep reading...

Steps for Trojan removal

If your device has been infected with Trojan malware, then the first thing to do is to download a specialized Trojan removal software. There are plenty of options out there, a quick Google search will sort you out.

Then, follow the next steps:

• Shut down your PC and restart in safe mode to prevent the malware from running.
• Remove any temporary files using the Disk Cleanup tool.
• Use the Trojan removal software to scan for malware. If any malware is found it should remove it automatically.
• Restart your device in normal mode.

Hopefully, you've been doing regular backups and you can easily restore your data or any damaged files.

How to prevent a Trojan malware attack

Of course, what you really want is to avoid Trojan Horse completely so that you don't have the arduous task of Trojan removal. Following these five tips will help you reduce the risk of being a Trojan malware victim.

Be aware of phishing emails

Remember in our example above with the funny cat video? Phishing emails are a favorite way for cybercriminals to deliver their Trojan Horse. There are many other forms of phishing tactics which we explain here: Are You Aware of the Most Common Phishing Attacks?

These social engineering techniques trick you into thinking the message comes from someone you know and lulled into a false sense of security, you click a link or download an attachment, and with it the malware.

If a friend sends you a link, double check they have in fact sent you something by contacting them on another platform. Also, don't click on any email links that ask you to reset your password or confirm your login details. Instead, visit the account website in a new browser tab by typing the address into the address bar.

Install good antivirus software

Choose an antivirus tool that also has malware protection. There are so many providers out there all claiming to be the best. Do your homework and don't automatically go with the cheapest, or with free. Usually, in these instances, you get what you pay for. Plus, don't forget the saying that if the product is free...then you're the product. You don't need to swap malware protection for your privacy.

Keep systems up to date

Threat actors will know of any vulnerabilities in operating systems, browsers, or built-in cybersecurity software. So make sure that when you're offered an update to these systems, you accept. This will help to close down one gateway for a Trojan malware attack.

Download only from trusted sources

As we've mentioned, Trojan Horses mimic legitimate software so stick to reputable sources for your downloads. If you come across a piece of software that you want to download, do some research and check out the reviews first. Beware free software or anything that requires you to download a “downloader” first. These will likely contain a Trojan or some other form of malware.

Use an ad blocker

Some Trojan malware lurks in web ads so using an ad blocker is a good idea, (it's a good idea anyway to stop advertisers from tracking you!). You can download ad blockers or use a browser extension. But just beware, as there are some Trojans masquerading as ad blockers.

We told you it was difficult to detect!

Now that you know the answer to “what is Trojan malware?”, how to detect it, and trojan removal techniques, safe internet use education doesn't stop there! Check out our Top 10 Tips on How to Use Public WiFi Safely.