Understanding Viruses, Worms, Trojans and Other Computer Threats

While everybody is nowadays aware that harmful programs and other kind of threats are common menaces our computers need to be defended from, the majority of PC and internet users still not have a clear idea of what viruses, worms and trojan horses exactly are. This article is just an attempt to give some basic definitions to help common people better identify the various kinds of computer threats.

A computer virus basically is a program that copies itself and infects other computers. It usually hides into executable files (the infected files, called hosts) to be stealthily spread from a computer to another. A true virus, to infect other computers, needs to be physically copied from the infected one, that is, it needs to be carried on an external mean (CD, DVD, USB memories, ...) or somebody has to spread it over a network or the internet. A true virus doesn't activate itself automatically, as it needs the user to perform a precise task or hit a key or a set of keys to take action. Most viruses carry a payload, i.e. a set of instructions to execute when the virus is activated. Depending on the payload, some viruses can be innocuous while others very harmful.

Worms are basically like viruses in terms that they attempt to spread from computer to computer, but unlike a virus, a worm doesn't need to be hosted into an infected file to reach its victim, as it is a fully executable file that uses its own means to spread and infect. Worms scan the internet in search of vulnerable computers, so they spread very fast.

Trojan Horses are harmful programs that look innocuous. They use to arrive as an e-mail attachment, while the e-mail text focuses on inviting the victim to open it. They usually contain harmful code that deletes files or corrupts directories.

With the term Phishing we mean all those criminal (sometime ingenious) techniques to attempt acquire sensitive information from a victim, such as user names, passwords, bank account and credit card details, by mean of fake but trustworthy looking websites. Usually a fake email is sent to the victim inviting him/her update his/her personal data for an official entity, but instead of the official web page a fake one is given.

Hostile websites use to be innocuous looking websites that hide malicious code to be executed as a script/activeX in the victim's web browser. They attempt to exploit security issues of the browser to install viruses and spyware in the computer.

Finally, it is worth to mention all those scams the internet is full of; some are restyled old scams while others are shining new. The ""work at home and be rich doing practically nothing"" is among the most famous ones: often it is just a little scam that steals the victim some money, but sometimes it may be a very dangerous game including hidden criminal activities such as money laundering.