What is a virus? A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria: • It must execute itself. It will often place its own code in the path of execution of another program. • It must replicate itself. For example, it may replace other executable files with a copy of the virus infected file. Viruses can infect desktop computers and network servers alike. Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply to replicate themselves and make their presence known by presenting text, video, and audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.

What is a virus hoax? Virus hoaxes are messages, almost always sent by email, that amount to little more than chain letters. Some of the common phrases used in these hoaxes are: • If you receive an email titled [email virus hoax name here], do not open it! • Delete it immediately! • It contains the [hoax name] virus. • It will delete everything on your hard drive and [extreme and improbable danger specified here]. • This virus was announced today by [reputable organization name here]. • Forward this warning to everyone you know!

What is a Trojan horse? Trojan Horses are impostors--files that claim to be something desirable but, in fact, are malicious. A very important distinction between Trojan horse programs and true viruses is that they do not replicate themselves. Trojans contain malicious code that when triggered cause loss, or even theft, of data. For a Trojan horse to spread, you must, invite these programs onto your computers--for example, by opening an email attachment or downloading and running a file from the Internet. Trojan.Vundo is a Trojan.

What is a Key logger?A keylogger is a type of surveillance software (considered to be either software or spyware) that has the capability to record every keystroke you make to a log file, usually encrypted. A keylogger recorder can record instant messages, e-mail, and any information you type at any time using your keyboard. The log file created by the keylogger can then be sent to a specified receiver. Some keylogger programs will also record any e-mail addresses you use and Web site URLs you visit.

What is spyware? Spyware is a general term used for programs that covertly monitor your activity on your computer, gathering personal information, such as usernames, passwords, account numbers, files, and even driver’s license or social security numbers. Some spyware focuses on monitoring a person’s Internet behavior; this type of spyware often tracks the places you visit and things you do on the web, the emails you write and receive, as well as your Instant Messaging (IM) conversations. After gathering this information, the spyware then transmits that information to another computer, usually for advertising purposes. Spyware is similar to a Trojan horse in that users unknowingly install the product when they install something else. However, while this software is almost always unwelcome, it can be used in some instances for monitoring in conjunction with an investigation and in accordance with organizational policy. Spyware is installed in many ways: • Most often spyware is installed unknowingly with some other software that you intentionally install. For example, if you install a "free" music or file sharing service or download a screensaver, it may also install spyware. Some Web pages will attempt to install spyware when you visit their page. • A person who wants to monitor your online activities may also manually install spyware. Depending on how this is done, this might be acceptable surveillance of an individual or an unwelcome, even illegal, invasion of privacy.

What is a worm? Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which requires the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm. W32.Mydoom.AX@mm is an example of a worm.

Security tips Protect Yourself Use proactive threat protection Traditional antivirus products rely heavily on virus signatures to detect viruses. Advanced technologies, like ThreatSense™ Heuristics, provide more proactive detection by analyzing application behavior in real-time. By executing code in an emulated environment, modern protection software can prevent damage and contain the threat before it's too late. Waiting for signatures from an antivirus vendor creates a window of vulnerability. Evaluate your vendor's technology and performance on industry tests and choose one that offers advanced heuristics. Safe Practices If you receive an attachment in email, verify (call or email) that the person who sent it intended to send it. Some viruses make the email look like it came from your friend, when it actually was sent from somebody else's computer. If the email did not come from someone you know then delete it. You will never get millions of dollars, or even hundreds of dollars for helping someone by providing your bank account to store their money. You will always lose money trying to make money this way because it is always a scam that requires you to pay more money than you will have already received. These scams only work against you. Your bank, eBay, paypal, your stock broker, etc. will not send an unsolicited email telling you that you need to provide your account number, PIN, or password in email or at their web site. Even if the email or web page says there is a problem with your account it is a hoax. If you find something like this that is not a hoax, the vendor does not understand security well enough to safely do business with. Microsoft is not going to send you a patch in email. If you get one from Microsoft call their free virus support line at 1-866-PCSAFETY or 1-866-727-2338 to report a fraud or an employee who is not following the rules. After that, delete the email. No company should send you programs in email unless you have talked to them specifically about what they are sending and you are on a support call or web support session while you receive the email with the program. If a charity asks for your support, make sure it is very well known, such as Red Cross, United Way, etc. Check with www.give.org (BBB Wise Giving Alliance). In Google or your favorite search engine type in the following words "Iowa attorney general avoid charity scam". Use the name of your state instead of Iowa and you will find results with good information from your state's attorney general's office! Stay Patched Make sure you have the most current patches that address security holes in your computer's operating system and applications. As software vendors discover vulnerabilities in their applications, they make fixes available in the form of patches or service packs. If you use Microsoft® Windows™, subscribe to the Microsoft Windows Update Service. From the Start programs menue, open the Control Panel and select System Properties. Click on the "Automatic Updates" tab and make sure that automatic updates is enabled. Consider installing the Windows XP Service Pack 2, which will keep Internet Explorer patched. Note, that even the Mozilla's FireFox web browser has security patches available (you'll notice the green up arrow in the upper right corner of the toolbar). Check with your other software vendors for patches and updates.
Powred by eset.com