A Practice Note providing an overview of what malicious software (malware) and end user attacks are, how they work, and how to prevent, detect, and respond to these cyberattacks. This Note discusses common delivery methods and attack types, including phishing, malvertisements, viruses, worms, adware, spyware, keystroke loggers (keyloggers), bots, Trojans, business email compromises (BEC), and ransomware. It also discusses methods individuals and organizations can use to defend themselves.