Avoiding Viruses and Other Harmful Attacks

Understanding Harmful Attacks

Using the Internet can expose your computer to a wide variety of harmful attacks, such as viruses, worms, and Trojan Horses. These attacks can come through e-mail, file transferring, and even possibly through Java and ActiveX, which are both programming languages used to enhance web pages.

A virus is an executable program whose functions range from just being annoying to causing havoc to your computer. A virus may display an innocuous warning on a particular day, such as Friday the 13th, or it may cause a more serious problem, such as wiping out your entire hard disk. Viruses are found in executable (.exe and .com) files, along with Microsoft Word and Microsoft Excel macro files. A worm is like a virus, but it can spread without human action across networks. For example, a worm might send e-mail copies of itself to everyone in your e-mail Address Book. A worm can consume memory causing your computer to stop responding or even take it over. A Trojan Horse, like it’s mythological counterpart, is a program that appears to be useful and comes from a legitimate source, but actually causes problems.

Spreading Harmful Infections

Many viruses and other harmful attacks spread through file downloads and attachments in e-mail messages. Virus writers capitalize on people’s curiosity and willingness to accept files from people they know or work with, in order to transmit malicious files disguised as or attached to benign files. When you start downloading files to your computer, you must be aware of the potential for catching a computer virus, worm, or Trojan Horse. Typically, you can’t catch one from just reading a mail message or downloading a file, but you can catch one from opening or running an infected program, such as a file attached to an e-mail message, or one you download for free. And even though most viruses and other harmful attacks take the form of executable programs, data files that have macros or Visual Basic code attached to them, such as Word or Excel files, can also be infected with viruses.

Avoiding Harmful Attacks

There are a few things you can do to keep your system safe from the infiltration of viruses and other harmful attacks.

1) Make sure Windows Firewall is turned on. Windows Firewall helps block viruses and worms from reaching your computer, but it doesn’t detect or disable them if they are already on your computer or come through e-mail. Windows Firewall doesn’t block unsolicited e-mail or stop you from opening e-mail with harmful attachments. For more information on Windows Firewall, see “Connecting to the Internet” on page 135 and “Setting Up Windows Firewall” on page 137.

2) Make sure Automatic Updates is turned on. Windows Automatic Updates regularly checks the Windows Update web site for important updates that your computer needs, such as security updates, critical updates, and service packs. Each file that you download using Automatic Update has a digital signature from Microsoft to ensure it’s authenticity and security. For more information, see “Updating Windows” on page 440.

3) Make sure you are using the most up-to-date antivirus software. New viruses and more virulent strains of existing viruses are discovered every day. Unless you update your virus checking software, new viruses can easily bypass outdated virus checking software. Companies such as McAfee and Symantec offer shareware virus checking programs available for download directly from their web sites. These programs monitor your system, checking each time a file is added to your computer to make sure it’s not in some way trying to change or damage valuable system files.

4) Be very careful of the sites from which you download files. Major file repository sites, such as FileZ, Download.com, or TuCows, regularly check the files they receive for viruses before posting them to their web sites. Don’t download files from web sites unless you are certain that the sites check their files for viruses. Internet Explorer monitors downloads and warns you about potentially harmful files and gives you the option to block them. For more information, see “Downloading Files from the Web” on page 160.

5) Be very careful of file attachments in e-mail you open. As you receive e-mail, don’t open or run an attached file unless you know who sent it and what it contains. If you’re not sure, you should delete it. The Attachment Manager provides security information to help you understand more about the file you’re opening. To protect your computer from harmful attacks, see “Sending and Retrieving a File” on page 180, “Reading and Replying to E-mail” on page 178, and “Protecting Against E-mail Attacks” on page 345.

6) Make sure you activate macro virus checking protection in both Word and Excel. To do so, click the Tools menu, point to Macro on the expanded menu, click Security, and then make sure that the High Security Level option is selected. (In Office 2000, XP, or later, click the Tools menu, click Options, click the General tab, and then make sure the Macro Virus Protection option is selected.) And always elect not to run macros when opening a Word or Excel file that you received from someone who might not be using proper virus protection.

Avoiding Other Intruders

Spyware is software that collects personal information without your knowledge or permission. Typically, spyware is downloaded and installed on your computer along with free software, such as freeware, games, or music file-sharing programs. Spyware is often associated with Adware software that displays advertisements, such as a pop-up ad. Examples of spyware and unauthorized adware include programs that change your home page or search page without your permission. To avoid spyware and adware, read the fine print in license agreements when you install software, scan your computer for spyware and adware with detection and removal software (such as Ad-aware from Lavasoft), and turn on Pop-up Blocker. For details, see “Blocking Pop-Up Ads” on page 342.

Spam is unsolicited e-mail, which is often annoying and time-consuming to get rid of. Spammers harvest e-mail addresses from Web pages and unsolicited e-mail. To avoid spam, use multiple e-mail addresses (one for web forms and another for private e-mail), opt-out and remove yourself from e-mail lists, and turn on the Block Images And Other External Content In HTML E-mail option. For details, see “Protecting Against E-mail Attacks” on page 345.

Phishing is an e-mail scam that tries to steal your identity by sending deceptive e-mail asking you for bank and credit card information online. Don’t be fooled by spoofed web site that look like the official site. Never respond to requests for personal information via e-mail; call the institution to investigate and report it.