search cancel

The Email Advanced Threat Protection Dashboard report, the Advanced Threat Protection summary report, and the Advanced Anti-Malware Detailed Report refer to the following malware categories


Article ID: 150676


Updated On:


Email Threat Detection and Response




Table: Malware Categories

Malware category



A worm has the ability to self-replicate across a network. Worms are threats that self-replicate across disks without the help of host files or other vectors. For example, a worm can copy itself to a USB drive and then from the USB drive to the hard drive of a computer.

Virus (file infector)

A virus has the ability to self-replicate on the same host.


A backdoor is a program or a feature in a program that allows unauthorized remote control and access to the system on which it is installed, without notice or consent. The program that controls - and, often connects - to the backdoor can be considered a component of the backdoor, even if that program installs with notice and consent.


A phishing email is an attempt to illegally gather personal and financial information by sending a message that appears to be from a well-known and trusted company. A phishing email typically includes at least one link to a fake website that is designed to mimic the site of a legitimate business and entice the recipient to provide information that can be used for identity theft or online financial theft.


An infostealer contains functionality that is intended to collect confidential data from the target system without notice or consent. Confidential data includes information that most people would not be willing to share with someone, such as bank details, credit card numbers, and passwords.


A downloader installs or causes other malware to be installed on a system. A downloader is a program that has the sole purpose of downloading other programs without adequate notice or consent.


A Trojan purposely modifies or deletes system components without the user's consent. A Trojan effectively disrupts the host computer's functionality, including changing a system to prevent it from accessing resources on a network or the Internet.


A hacktool is a program with the primary purpose of providing the means to exploit or subvert an operating system or third-party application to gain unauthorized access or render that application unusable.


The spyware category refers to standalone programs that can secretly monitor your activity on a computer. Spyware can covertly detect user names, passwords, and other confidential information and relay the information to another computer.


Email messages can be classified as uncategorized when Skeptic identifies previously unseen malware.