How malaware spreads on your computer?

Malware vulnerability is on of the few reasons I stay away from my Windows PC when surfing the net. While some of these can be just common annoyances like tracking cookies or keyloggers, some are very malicious and can wreak havoc on your system and your important files.
What is Malware?

Malware is a type of software designed to take over and/or damage your OS in one way or another. Once installed, it can be difficult to remove but that depends on the severity of the malware program as well as the degree of damage it brings which can range from being annoying to rendering your PC inoperable.

The most common types of malware include:

* Virus - A program written intentionally to enter a computer without the users permission or knowledge which then attaches to files or boot sectors and replicates and spreads. Other viruses can cause serious damage to your files and system.
* Worms - they are stand-alone software that modify their host operating system, and are likely to be started as part of the boot process.
* Wabbit - Self-replicating malware. Unlike viruses, they do not infect host programs but repeatedly replicates itself on a local computer. They’re really something more of an annoyance than a threat
* Trojan - Harmful software that is disguised as legitimate software.
* Backdoor - Software that allows remote access to the computer system without the user’s permission
* Spyware - a Software that collects and sends information. Keyloggers are a prime example
* Browser Hijack - a script or program that alters a computer’s browser settings

How does malware spread?

The most common way malware spreads on the net is via email or blogspam. These seemingly random messages contain links to sites that, once opened, either runs a script that downloads or installs malware or presents a link to a file with a very tempting filename.

Here are other ways on how malware spreads:

* Downloading infected files using Peer-to-Peer file sharing programs (e.g. Kazaa).
* Downloading infected files from an untrusted source.
* Putting an infected computer disk (floppy, CD, USB Memory stick, or DVD) into your computer.
* Clicking on a web site dialog box.
* Connecting an unsecure computer to the network.
* Clicking random links from Instant Messaging (IMs)
* Randomly opening sites from any SERP (search engine results page)

How do you spot a malware site?

Take this example:
If you search for: ‘drunk dogs site:.cn’ chances are, you’ll get one of these:

Malware site from Google SERP

Congratulations, you’ve just found a malware site.

There are a number of reasons why that site is suspicious:

* The plethora of “keywords” you see as the description. If you notice, a lot of comment and trackback spam nowadays are full of these. If you’ve ever wondered what they were for, you’re looking at the reason now.
* The seemingly random domain name. If you’re a legitimate person and not just a bot, would you register your site as www.ldwasdadwad.cn?
* The .cn TLD (top level domain). Although I’m not branding ALL .cn sites as malware sources, statistics and and security bulletins prove that most malware sites are hosted with .cn TLDs. If you want to read more on the read Computer World’s article on the subversion of Search Engines.

How do I protect myself?

* Never open a file from an unknown source. Although it’s probably over kill, I suggest that you mark all recently downloaded or installed items on your computer without your prior knowledge to be malware.
* Update your OS. If possible, download and install all security fixes. No matter how much you have Windows it’s always good practice to patch up your OS to prevent others from exploiting it’s holes.
* Install security software like AVs and ASs. Although some people don’t recommend using them, it’s better to be over cautious especially if you’re not the only one using your computer. There are tons of free security software out there like AVG, Avast and Adware to name a few. Try them out and see which works for you.
* Activate the Guest account. If multiple people are using your PC, restrict their access by using a guest account or equivalent. Sure, you may end up editing the Policies so they can save and edit files but at least they won’t be able to install malware behind your back, unintentionally or otherwise.
* Stop look and read that URL! Taking my example above, you’ll note how easy it is to spot if a site is legit or dupe. Just read the URL.
* Use common sense. The spread of most malware relies on carelessness on the part of the victim. If a sudden message pops in your IM that looks as if it’s screaming “Hey click me I’m a spam site”, do yourself a favor and close the window.