Malware attacks are the most common type of cyberattack. Malware is defined as malicious software, including spyware, ransomware, viruses, and worms, which gets installed into the system when the user clicks a dangerous link or email. Once inside the system, malware can block access to critical components of the network, damage the system, and gather confidential information, among others.

To prevent malware attacks,

• Think twice before clicking on links or downloading anything
• Do not open email attachments or images from an unknown source
• Don't trust pop-up windows that ask you to download software
• Limit your file-sharing to people or sources you know
• Be mindful of websites that you visit. Make sure the sites are sites that you know and trust. 

Video: Malware - Security Awareness

Cybercriminals send malicious emails that seem to come from legitimate resources. The user is then tricked into clicking the malicious link in the email, leading to malware installation or disclosure of sensitive information like credit card details and login credentials. By some accounts, phishing attacks account for over 80% of reported cyber incidents. 

To prevent a phishing attempt,

• Know what a phishing scam looks like
• Don't click on links in emails from sources you are not familiar with
• Don't share your personal or work information if requested via email.  Instead, go to the site that requested the information and log in first
• Change your password regularly
• Report any suspicious email to IT

Video: 
Identifying Fake Websites and Phishing Emails
Phishing - A game of Deception
Stay Safe from Phishing and Scams

Spear phishing is a more sophisticated form of a phishing attack in which cybercriminals target only privileged users such as system administrators and C-suite executives.

To prevent spear phishing, see Phishing.

Social engineering is the act of exploiting human weaknesses to gain access to personal information and protected systems. Social engineering relies on manipulating individuals rather than hacking computer systems to penetrate a target's account.

To prevent social engineering attacks,

• Never provide your personal or work information to anyone that you do not know and trust
• Research the source of unsolicited messages
• Don't fall for messages of free offers or prizes
• Delete any request for personal information or passwords
• Make sure to secure your devices with a password or PIN
• Always be mindful of risks

Video: What is Social Engineering

Ransomware is a type of malware attack in which the attacker locks or encrypts the victim’s data and threatens to publish or blocks access to data unless a ransom is paid.

To prevent ransomware attacks,

• Think twice before clicking on links or downloading anything
• Do not open email attachments or images from an unknown source
• Don't trust pop-up windows that ask you to download software
• Limit your file-sharing to people or sources you know
• Be mindful of the websites that you visit. Make sure the sites are sites that you know and trust. 

Video: What is Ransomware, How it Works and What You Can Do to Stay Protected