“Know your enemy” is a saying from The Art of War, a book by a famous Chinese war general about ancient war strategies and tactics. The book became popular in the modern U.S. because of its applications for business. The saying holds true today. Understanding the way your enemy operates equips you with the tools to fight back, especially in the field of cybersecurity. From malware to phishing, learn more about the most common cybersecurity threats to small business.


Malware is the catch-all term for malicious software—any software installed on a computer with an intent to do harm—from spyware to worms. Harm can take the form of stolen information, deleted files, and more. Malware is the #1 method of computer attack used by hackers today and the most common cybersecurity threat to small businesses. Malware often comes in the form of a Trojan horse.

The Trojan Horse

In Greek mythology, the Greeks set a giant wooden horse at the gates of the city of Troy as a gift for the Trojans. Instead, it was a vehicle for the Grecian army to enter the city. After the horse was wheeled through the gates, under the cover of night, Grecian men inside the horse came out and opened the gates for the rest of the army, sealing their victory in what became known as the Trojan War.

In the computer world, “Trojan horse” refers to any kind of malware that is disguised as a harmless software download. Many times, the download takes the form of a “free gift,” when it is really a computer attack. Spyware is a common Trojan horse.


Spyware is malware that collects personal information by spying on a computer user. Spyware can log keystrokes to obtain usernames and passwords (called “keylogging”) and hack into web cams to watch a user work. Spyware is one of the most unsettling security threats to small businesses because of its ability to obtain important business information.

Viruses and Worms

Computer viruses and worms are small pieces of malware that can steal, corrupt, and/or delete some or all of the data on a computer in an attack. Both can spread from computer to computer via programs like email, sending the malware to all of the contacts in an email user’s database. The difference between a virus and a worm is that a worm does not require human intervention to spread—it spreads automatically from the contact database to contact database at rapid speeds. Both viruses and worms are dangerous security threats to small businesses because of their ability to infect an entire network of computers.

Phishing and Pharming (Spoofing)

Phishing and pharming are both attempts to obtain personal information such as usernames, passwords, or banking information by pretending to be a reputable company (spoofing). Phishing is done via email, from a hacker pretending to be a bank or something else. The hacker will tell the email recipient that they need to share their information in order to protect their account, avoid a fine, receive a desirable gift, etc. Pharming is accomplished by directing a website visitor to a fake site that mimics the appearance of the real one. The visitor is tricked into giving up their personal information if they log in on the fake site.

From phishing and pharming to the various forms of malware, each of the most common cybersecurity threats is preventable. Take time to educate your employees on computer attacks so that they too can “know (their) enemy.” For professional security services, contact your friendly IT company.