Malware and Fake Downloads: Stay Safer Online

You reduce malware risk by keeping devices updated, using reputable security software where appropriate, and avoiding unexpected downloads, "fake update" prompts, and untrusted apps.

This guide focuses on the real entry points for malware in consumer contexts: fake downloads, malicious attachments, dodgy links, and compromised sites. It is designed for UK users who shop, bank and work from browsers and mobile devices. It includes a "containment first" response plan that mirrors official UK advice: update, scan, change passwords, and log out sessions.

Practical prevention

  1. Keep your device and apps updated.
  2. Treat unexpected "update" or "scan" prompts as suspicious.
  3. Download only from official or trusted sources.
  4. Use reputable security software and keep it updated.

Common malware delivery routes

Practical prevention

Updates are your first defence. NCSC guidance on defending online accounts from malware emphasises keeping devices and software updated. Treat any unexpected pop-up saying "your computer is infected" or "update now" with suspicion—legitimate updates usually come through the operating system or app's own update mechanism. Avoid downloading from unfamiliar sites, torrents, or unofficial app stores.

Security software basics

NCSC advises using reputable antivirus or security software and keeping it updated. Understand what it can and cannot do: it can block many known threats and scan for suspicious behaviour, but it cannot stop every zero-day exploit or social engineering attempt. Choose software from a trusted vendor; avoid free "security" tools from unknown sources that may be malicious themselves.

If you think you're infected

  1. Isolate: Disconnect from the internet if you suspect active theft. This limits the attacker's ability to exfiltrate data.
  2. Update: Apply all available updates to the operating system and security software first—updates include protections against known threats.
  3. Scan: Run a full scan with your security software.
  4. Change passwords: From a clean device if possible, change passwords for email, banking and critical accounts.
  5. Log out sessions: Revoke active sessions on key services and review for unauthorised activity.

Protect your "master accounts"

Prioritise email, banking and password managers because they unlock your other accounts. If your email is compromised, attackers can reset passwords on many accounts. Use two-factor authentication and a secure password manager with a strong master password. See our credential stuffing guide for why unique passwords matter.

Frequently asked questions

Can a fake website infect my device?
Yes—phishing sites can trigger malicious downloads or steal credentials.

Should I update first or scan first?
Update promptly first, then scan—updates include protections against known threats.

What accounts should I secure first?
Email and banking first, then any accounts sharing the same password.