The trojan horse achieved its fame because of the Trojan war of Greek Mythology.
As the story goes, the Greeks presented a giant wooden horse as a gift to the Trojans, who allowed the wooden horse into their walled city. Once inside the walls, the Greeks jumped out of the horse and attacked the city of Troy. A tactical, calculated method of attack.
This is where trojan horse malware gets its name. The user unknowingly allows the ‘trojan horse’ onto their device which, at the time, looks like a genuine file or application such as an MP3 music file or a Word document.
Hackers can then use the trojan horse as a means to access to the personal data stored on the victim’s device.
Trojan horse malware is not a virus. This is an important point to make.
Unlike a virus, a trojan horse cannot replicate itself and this malware can only work with the interaction from the victim. Therefore, criminals conceal this type of malware within common file types.
How does a trojan horse work?
Fake files, messages, or applications are sent to you by the cyber criminal. If you then click on the file, it gives the cyber criminal access to your device and the means to do what they want with your data.
Highly important data such as credit cards, passport details and addresses could be stolen if the correct protection is not in place.
Back in 2000, there was a famous of trojan horse malware in circulation called ‘ILOVEYOU’. This was the subject of the email that was sent out to every email address that had an account with Microsoft Outlook. This caused financial damages of an estimated £6.9 billion with around 45 million Windows PCs hit.
How do I identify a trojan horse?
This attack is normally targeted towards small businesses with less capable cyber security systems because they don’t have enough protection or advanced technical knowledge to cope with an attack.
Trojan horse malware can attack all types of devices, including mobile phones through SMS scams. Furthermore, applications have been developed which are not secure and can infect mobiles with unwanted malware.
Trojan malware is designed to harvest confidential data. Hackers will try and gain as much data as they possibly can for their own benefit. They are most likely to sell it on, usually on the dark web, to make a lot of money.
Alternatively, they could use your own data to hold you to ransom.
How to protect yourself from a trojan horse
If there is one thing you can take away from this, it is that prevention is always better than cure.
There are many ways you can protect yourself and your business from being victim of a trojan horse attack:
- Layer your defences with email, endpoint, and network security;
- Don’t visit unsafe websites;
- Be wary of email links and only install trusted software;
- Keep up with regular system and device updates; and
- Complete regular backups of your information
It is important to remember these tips.
Along with this advice comes with a bit of common sense. If something doesn’t quite look legitimate and you have concerns about what an email might contain then don’t click on it. Martin, our MD, just recently wrote about something very similar.
To make sure that the email/network security for your business is safe and secure from cyber attacks or you want advice on cyber security contact us at firstname.lastname@example.org or on 01283753333.