ClickCease Blog

Trojans, Viruses, Worms & Bots: What’s the Difference?

Any savvy computer user knows to watch out for viruses. But then, sometimes there’s a Trojan in your email? Or a worm in your hard drive? And we need to keep an eye out for bot traffic on our websites and paid ads? OK, hold up. 

Knowing the difference between what is a Trojan vs virus vs worms vs bots (and botnets??) can help keep you safe online.

Are these all the same thing? Is there any similarity between these digital threats? 

Well, they are all sort of related, although more in the way that your distant cousins are to you. There are family resemblances, and on occasion they can get together to weak havoc, but by and large they have their own lives. 

This quick guide to viruses and malware will explain, in simple terms, what is a Trojan, bot, virus and computer work. It’s designed to help you understand what the threats are and how to cross the road to avoid them if you see them coming the other way.


Trojan malware infection

Remember history lessons in school? There’s a story from The Odyssey about how after a really long war against the city state of Troy, the Greeks got bored of dying and decided to build a big wooden horse to give to their enemies. 

The Trojans took the giant hollow wooden horse right into the centre of their town and were so overcome by gratitude that they went to bed. That night the Greeks hiding in the hollow horse jumped out and killed everyone. 

And that, kids, is how Trojans work.

The digital version is normally found in a file which contains a piece of code that is activated after its embedded on the device. 

Once in-situ, a Trojan can do all kinds of sneaky things. Although that doesn’t include killing you, you’ll be pleased to hear…. Yet.

  • Steal data
  • Deleting files
  • Carry out remote tasks such as crypto mining or click fraud
  • Spreading other harmful files (see below)
  • Operating as an entry point for malicious agents

An example of a Trojan used for click fraud is MIUREF, which has been around since at least 2013 and is still active today. In fact, MIUREF was used in one of the most infamous cases of organised click fraud, the 3ve and Methbot botnets.

You can read more about 3ve and Methbot in our post about these two related campaigns. 

How to avoid Trojans

Like that big wooden horse, you can only get a Trojan on your system if you let it in. This usually involves an action on the part of the user (you) which might include:

  • Downloading and opening a file (could be something as innocuous as an email attachment)
  • Running software from a suspicious source

To avoid being infected by Trojans on your system, avoid downloading or running any files on any of your devices if you’re not 100% sure of their source. 

Use a virus scanner on your device and run it regularly to find and remove Trojans.


malware virus image

Like viruses in the real world, these sneaky bits of code are capable of spreading themselves and even mutating. 

The term virus and malware is often used interchangeably. But malware is any type of software that is compromised by any or all of the components on this list. 

Much like Trojans, viruses find their way onto devices such as computers or cellphones through installs. This can be an app, a browser extension, an executable file as an attachment or if you don’t wash your hands after coming back from the shops. OK, maybe not the last one.

A particularly shady way for viruses to spread is in ‘viral content’ such as images, audio files or videos. So, it’s possible to be infected by a digital virus if someone sends you an infected gif, video or picture.

How do digital viruses spread? 

Viruses can hijack software on your system and can be pre-programmed to carry out a task such as:

  • Sending out files from infected software on your device (such as email clients)
  • Scanning your computer to steal data/keystrokes etc
  • Carry out DDoS attacks as part of a network

An intriguing recent development is app malware on the Google Play store, which is usually ‘side loaded’. This basically means that apps are clean when installed, but that some additional code is added during an update. 

This code then acts as a virus and can carry out activity such as displaying intrusive ads, or performing actions in the background without the user’s knowledge – for example click injection or click spamming.

How to avoid and protect against digital viruses

Like any malware or digital infection, protecting against viruses takes a little bit of savvy and, mostly, common sense.

  • Avoid downloading software from suspicious sources
  • Be wary of opening email attachments from non-trusted senders
  • With Android apps, make sure to only use the Google Play store to install and ideally research your app first. If it has bad reviews for performance or intrusive ads, avoid it


worm virus malware

Similar to viruses, worms are malware infections that are capable of replicating themselves and spreading between computers. Again, this is often through software downloads or attachments.

Often when people refer to viruses spreading, its the worm that is doing the spreading. Worms can also delete or install applications, use up free space on your hard drive or just make copies of itself to distribute.

Like many other forms of malware on this list, worms can also use a ‘logic bomb’. Sounds like something that intellectual terrorists would use right? Actually, its a set of circumstances that, once met, can activate a particular activity in the worm or virus.

For example, a worm might remain dormant until a certain set of keystrokes, or a certain program is updated. Once the criteria is met, the worm will be activated and start carrying out its malicious duty.

How to protect against worms

Again, it’s a case of common sense and avoiding downloading anything suspicious. Attachments in emails, links in instant messages from unknown sources, pirated software and websites that are crammed full of spammy pop ups are all hotbeds of worm and virus activity.

Run a regular anti-virus scan on your device to weed out those pesky worms.


bots and web crawlers malware

Short for ‘robots’, bots are pieces of code that are normally programmed to do a specific task. There are good bots and bad bots, and in fact most bots are used for purposes such as data scraping or scanning the internet for certain things.

You’ve probably used software today that uses bots. A good example is a search engine. The results are usually found after having been indexed by web crawlers, a type of bot that logs details about websites. 

Like other digital infections on this list, bad bots (or malware bots) are often embedded in the code of software applications. Popular hosts for malware bots include apps, browser extensions and software programs.

Once there is a whole bunch of these bots installed, they can then all link together via a command and control centre (C&C). 

From here, the controller can link these bots together into a botnet (network of bots) to perform more complex tasks. These can include:

  • Denial of service attacks (DDoS)
  • Ad fraud (where bots are used to view or click on ads on spoofed websites)
  • Stealing data such as keystrokes or files on a device
  • Allow access for the C&C operator (or other parties)
  • Access IOT devices (internet of things) to take control or steal their data

Here at ClickCease, we’re focused on protecting pay per click ads from bot activity, or click fraud. These clicks often come from click farms, or from organised botnets looking to run down your marketing spend.

In terms of click fraud, bad bots are usually programmed to perform an action such as clicking repeatedly on a specific link or button. Consider that each of those clicks is your money, and you see why they’re bad bots.

Read more about click fraud in our comprehensive guide…

How to avoid or protect against bots

Like all of the malware infections on this list, protecting against bots on your computer or portable device involves caution. A regular scan with a virus scanner and being cautious with downloading or running software.

For marketers running pay per click ads, protecting against bots and botnets is a daily challenge. From our own data we see that bots click around 90% of all ads online, every day.

So, if you’re using a PPC ad platform, you’re probably losing at the very least 10% of your ad spend to bots. 

With ClickCease, we log the identity of each device that clicks on your paid links and make sure that we block those bad bots. If you’re running PPC ads on Google Adwords or Bing Ads, run a diagnostic on your account with our free trial to see how much bot traffic your ads are seeing.

Final Thoughts

These digital threats exist because there is a lot of money to be made from fraud online. From data theft to click fraud, for hackers, coders and developers, it’s an irresistible target.

Although it might feel like it’s a never ending task defending your data from viruses, bots and trojans, using software and taking precautions is the best way to avoid becoming a victim.

  • Be careful what you download
  • Run a regular virus scan
  • Use anti-click fraud software if you run PPC ads

Stay safe out there!


Since working for ClickCease, Oli has become something of a click fraud nerd, and now bores people at parties with facts about click farms and internet traffic stats. When not writing about ad fraud, he helps companies to optimise their marketing content and strategy with his own content marketing business.

Add comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Block click fraud from ruining your campaign!

Most discussed