“Malware” is an all-encompassing term used to describe any malicious program. In years past, viruses were the big threat. Viruses would actually infect a floppy disk and the files contained on it. By just inserting the floppy disk, you could infect your hard drive. I have not seen a virus of this type in years, though.
Today’s malware is commonly spread by email or infected web sites. I’m sure many of you have seen the DHL, UPS, or FedEx message that says your package could not be delivered. Some of these emails look very official, with the proper logo and footer at the bottom. They ask you to open the attached ZIP file. If you do, look out! Another common malware variation is the “fake anti-virus” program. If you go to an infected web site, a pop-up will tell you that your computer is infected, “click here to scan”. No matter what you click, you will likely get malware. (Best option here is to restart the PC without clicking ANYTHING). Certain web sites are riskier than others – sites that offer free backgrounds and screen savers, free gambling sites, etc.
What does malware do? Whatever its creator wants it to! Some of the scariest stuff will scan your computer for saved passwords and transmit them to a server somewhere. Or the program can record keystrokes and transmit those.
So what can we do to prevent malware? Well, the first step is an anti-virus program. I’ll be honest; I have seen a lot of infected computers that had fully functional anti-virus programs on them. I have never seen one that is bullet proof. Still, these programs will provide some safety, and some is better than none. For comparisons of anti-virus programs, look here: http://www.pcmag.com/reviews/antivirus#fbid=HX-7DluYbGb Make sure the review you’re reading is relatively current, or it’s worthless.
The second thing you can do is be a cautious computer user. If you get a file from a friend that you weren’t expecting, look at what they said about it. If your father says “OMG check out this video – pwnage!”, chances are pretty good that your father didn’t really send it.
Microsoft NEVER sends files as email attachments. UPS, FedEx, etc. might send you an email with a link in it, but not a file attachment.
Another threat out there is “phishing”. This is an effort to get information from you. This will be an email saying your Paypal account was suspended. “Click here to confirm your logon and password”. Similar emails claim to be from your credit card company, your bank, etc. The crooks don’t care if you really have an account. They’ll just send a few thousand emails and hope a couple people fall for it. Although some anti-virus programs try to prevent phishing scams, the best defense is you.
Third, quite a few people run Mozilla Firefox and swear that it’s less prone to malware than Internet Explorer. You can get it here: http://www.mozilla.org/
Get yourself some anti-virus software and be careful out there!
PS – If you get malware, I recommend ComboFix from http://www.bleepingcomputer.com and the free version of MalwareBytes from http://www.malwarebytes.org to clean up the damage. If you need help, call me.