Emails can also contain malware. However, malware can be contracted from other sources as well, including: banner ads, drive-by downloads, malicious links as well as by spreading from host to host within an unsecured network, such as a VLAN. This spreading behavior is especially common in banking malware/trojans such as Emotet, which has seemingly risen from the dead with new authors and servers. It’s important to have good anti-virus protection in the hopes of catching such malware early.

Sometimes, malware can demand that you pay a ransom after it has deleted or encrypted your data with a key possibly known to an attacker. Ransomware has shut down many businesses, some indefinitely. This is especially true in the early days when the encryption procedures were less reliable and prone to data loss. Law enforcement agencies generally discourage paying a ransom demand.

While many of todays attacks focus on the user intentionally clicking on or executing a malicious payload, this actually means that your other security protections are working to keep the bad guys out. This doesn’t mean you can lax the protection of your patch schedule, firewall, web filter or other security measures. True security in today’s world requires a layered approach designed to frustrate attackers at each step of their process (and hopefully to a greater extent than your users). One of the most effective final layers of protection you could implement is to block outbound Internet access completely or whitelist known-good destinations at the firewall. Obviously, this is challenging on desktop operating systems, where users expect to be able to use their devices unhindered, so an easier target for this control may be servers, which often do not need to talk to undefined Internet locations.