Malware wears costumes to get inside your computer

Much like trick-or-treaters, malware can use costumes to disguise what it is, but its purpose is to trick you into installing it. Know what to look for to avoid the trick.

Trojan horses

Trojan horse malware got its nickname because it comes in a harmless-looking disguise. Trojan horses may strike as apps in smartphone app stores, freeware or even attachments to emails. A common technique notifies you that you have a voicemail, fax or shipping receipt. If you click the attached document to hear the voicemail, see the fax or find out who shipped you a package, the file downloads malware to your computer. The attachments can look like normal Word documents, photos, sound files or PDFs. Any kind of file can conceal malware.

Drive-by downloads and malvertising

Drive-by downloads occur when a program is downloaded onto your device without your permission or knowledge when you visit a website and click on a legitimate-looking ad. Malicious advertising or “malvertising” embeds malware inside the ads that downloads onto your device if you click the ad.

Malicious links

“Link bait” is website content that other sites link to, such as blog posts, an eBook or a viral video. While link baiting is usually done to generate high levels of clicking (to raise ad revenues), sometimes those links lead to viruses, Trojans or worms; in these cases they are considered malicious.

Malicious links tempt you to click on them from other sites. As the malicious website opens, malware can be installed on your device invisibly. Simply visiting these websites is enough to infect your device.


Scareware tries to get you to click on it by making pop-up boxes look like messages from your computer with official-looking calls to action such as “System Warning!” or “Your computer is infected. Click OK to remove the virus.” If you click the message, the malware can download to your computer. Because clicking anywhere on the message might download the malware, instead of clicking on the X to close the pop-up, press Alt+F4 (Windows and Linux) or ⌘-Shift-W (Mac).

Minimize your risks

Avoid the tricks by being aware of the tactics, and use these strategies to stay safe:

Questions or comments?

We're here to help. Do you have a security-related question or suggestion or want to comment on this article? Contact the IT security officer.

Learn more

Visit the iRiskAware page on CityTalk for more security-related tips and information.

Published Nov 4, 2015



Contact us

Email updates

Find a service

About this site

For employees

For reasonable accommodations or alternative formats, contact 311.
People who are deaf or hard of hearing can use a relay service to call 311 at 612-673-3000.
TTY users can call 612-673-2157 or 612-673-2626.

Para asistencia 612-673-2700, Yog xav tau kev pab, hu 612-637-2800, Hadii aad Caawimaad u baahantahay 612-673-3500. 

Salary Compliance Notice:
State statute 471.701; Notice of Salary Compliance, requires that the City post for not less than 90 days
the job title of the three highest paid employees along with their base salary. For 2018 these were:
1. City Attorney, $186,490
2. Assistant City Coordinator Convention Center, $183,600
3. Director Public Works, $181,191


311 call center

311 TTY relay service

City of Minneapolis Facebook City of Minneapolis Twitter City of Minneapolis YouTube ChaNNEL Minneapolis 311 Watch Minneapolis City Council TV City of Minneapolis LinkedIn

Minneapolis, City of Lakes logo