Skip to content



Malware is a software that infects your devices with the intent of damaging, destroying or recording information.

Malware can gather information on you and, in some cases, it can activate your device’s microphone and camera where it can record your activities. Malware is used by criminals, but it might also be used by governments and adversaries looking to target you.

In most cases people unknowingly install malware on their device by opening up infected documents and/or clicking on links.

How do you know if your computer has been infected with malware?

  • Your device may run slower than usual
  • Pop up ads will appear on your device
  • Your computer/phone may not function as it should


Best practice: malware

  • Think carefully before you click on any links or download documents sent in emails, SMS, and social media messages. (See also phishing and spear phishing below.)
  • Avoid using websites with content such as pirated films or pornography. These sites are known to infect computers with malware. Do not use fake software for the same reason.
  • Think about installing an antivirus software on your devices. This will help to identify certain types of malware. But remember to keep your antivirus up-to-date.
  • If you think your computer is infected do not synchronise it with your phone and other devices.


Phishing and spear phishing 

Phishing and Spear Phishing are a big problem for journalists. Attacks are often hard to detect and the consequences can be serious both for you and your sources.


1. Phishing:

A phishing attack is a message that attempts to trick you into clicking on a link, downloading a document or installing software. The message can come in a variety of forms, including emails, SMS messages and social media messages.

Criminals will use phishing attacks to target a wide range of people. They are looking to trick people into handing over passwords and/or to download malware onto their computers.

2. Spear Phishing:

Spear phishing is a phishing attack that directly targets you. The adversary may tailor a message so that it looks as if it is from someone you know in the hope that you will click on a link and/or open a document.

The intention of the spear phishing attack is usually to collect information on you, your stories, and your sources. The adversary could also use malware to listen to your calls and read your emails.

Protect yourself against phishing and spear phishing:

  • Spear phishing attacks are more common during elections and times of political unrest. Do a threat analysis of your adversaries and investigate if they use spear phishing attacks.
  • Be sceptical of messages that threaten to lock down your account or ask you to change your passwords.
  • Look carefully at the email address of the sender. Check that it looks legitimate. Verify the email with the sender if you are unsure.
  • If there are links in the email do not click on them. Hover your mouse over them and look at the URL. Check that it looks legitimate.
  • Think about using two-factor authentication to protect your accounts. See our email guide for more information.
  • Keep the software on your devices updated. This will help protect your computer/phone against vulnerabilities which hackers can exploit.
  • Do not download suspicious documents onto your devices, instead upload them directly to Google Drive.
  • Upload documents or submit suspicious links to Virus Total. This website will scan them for viruses. Be aware that Virus Total will not be able to detect all viruses.

Read more:

The Intercept has put together this easy-to-understand guide to phishing and spear phishing.

The Electronic Frontier Foundation has a guide to protecting yourself against phishing.


We use cookies to give you the best experience of using this website. By continuing to use this site, you accept our use of cookies. Please read our Cookie Policy for more information.