What is a Trojan?

A Trojan is malware that pretends to be a legitimate file, program, or attachment so the user will run it.

Simple example

A fake invoice viewer is downloaded and appears useful, but it quietly installs malicious software.

Why it matters

Trojans are often used to steal information, install other malware, or create remote access for attackers.

Common warning signs

  • The activity is unexpected or unusual for the business context.
  • The request or system behaviour creates pressure to act quickly.
  • Normal approval, verification, or security processes are bypassed.
  • There are signs of unauthorised access, data exposure, or system change.
  • Staff are unsure whether the request, message, or system behaviour is legitimate.

Cyber Doc view

This term should be understood in a business context, not only as a technical issue. Good protection usually combines clear processes, appropriate technical controls, staff awareness, and a calm response plan.

What to do

Proactive steps

  • Download software only from trusted sources.
  • Restrict software installation rights.
  • Use endpoint protection.
  • Warn staff about unexpected installers and attachments.
  • Keep operating systems and browsers updated.

Reactive steps

  • Stop using the affected device for sensitive work.
  • Disconnect it if compromise is suspected.
  • Run security checks or get expert help.
  • Change exposed passwords from a clean device.
  • Review whether other systems were accessed.

Related terms

  • Malware
  • Remote access trojan
  • Phishing