Viruses, worms, Trojan horses and related computer threats are commonly confused with each other because they often cause similar damage. Viruses have been around longer than the others, and consequently the term “virus” is commonly but inaccurately used to refer to all of them. Here are some distinguishing characteristics:
Virus
A virus is a relatively small file that can copy itself into another file or program (its host). It can be transmitted only if its host file or program is transmitted. Some viruses are designed to change themselves slightly in order to make their detection and removal more difficult. Many viruses are merely annoyances, but some can be very destructive. As a whole, they are less common now than in the past. For more information, see the Wikipedia page on Computer virus.
Trojan horse
A Trojan horse is a program that appears to be useful or entertaining, but it carries a hidden malicious function that is activated when the program is run. Some Trojan horses even masquerade as repair tools, claiming to remove threats from your computer but actually doing the opposite. Older Trojan horses could not transmit themselves, but more recent versions can. This blurs the traditional distinction between viruses and Trojan horses. For more information, see the Wikipedia page onĀ Trojan horse (computing)
Worm
A worm is a program that can both copy and transmit itself. This type of threat is now more common and often more disruptive than many viruses. For more information, see the Wikipedia page on Computer worm.
Malicious script
These vary in the harm they can cause, and they can get into your computer or compromise your personal information by a number of means; e.g., when you click on a link inside an specially designed fradulent email or submit a form that has such a script hidden inside it.
How they spread and what they do
Electronic threats are usually spread by opening infected email attachments and by downloading infected files. Clicking on links inside certain emails can result in threats being downloaded to your machine. They can even enter your computer as attachments to Instant Messages. When these threats are being transmitted in large numbers, they can significantly drain network resources and slow down Internet traffic. When one of them infects your computer, it might take one or more of the following actions:
- Operate silently, with no obvious indication of its presence
- Remain dormant initially and activate later at a specified time or when you perform a certain action
- Destroy or corrupt your files
- Send copies of itself to all of your email contacts, potentially infecting them as well
- Deactivate your antivirus software
- Prevent you from using your browser to download virus removal tools
- Log your keystrokes and steal credit card numbers and passwords when you make purchases or bank online.
- Hijack your browser and take you to Web sites where you may be fooled into entering personal information such as account passwords
- Hijack your computer and use it maliciously or commercially, making you appear to be the perpetrator.
What you can do about them
While it is useful to understand the technical distinctions among these threats and important to know what damage they can cause, it is crucial that you maximize your protection against them and minimize their spread to other computer users. It is particularly important to keep the following items updated every few days or as often as the software recommends. You can set many of these programs to have the updating done automatically.
- Operating system
- Web browsers
- Instant Message software
- Microsoft Office and other applications with known vulnerabilities
- Antivirus definitions
- Antispyware
See more on how to protect your personal data.
Go to Safe Computing at NC State.