A Trojan Horse is a computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
What does this mean for a SMB?
An SMB that trains and governs its employees to spot and avoid Phishing Attacks, USB stick attacks and other ways that Malware can be installed on computer systems, can defend against Trojan horses. Untrained employees in your company can fall victim to a hacker’s trap by clicking on the wrong link, opening the wrong document, or attempting to install the malware that looks like a legitimate program. This can easily become a bigger issue when the infected user starts sending emails or documents to other colleagues or clients, spreading the malware to those devices as well. It is important to train your staff on the basics of cybersecurity and what they can do to prevent malware from getting into the system or network. it is equally important to remove Administrator Rights from your employees to prevent the accidental installation of Trojan Horse malware.
Source: CNSSI 4009