MSU-Northern ITS: IT Security - How Malware Gets on Your Computer

Information Technology Services: How you get Malware

How Malware Gets on Your Computer

Unpatched operating systems & applications

Using out-of-date, unpatched, software products can potentially open the door to exploits that can be used to install malware on your system. It is important that you keep your system and all your software up-to-date by installing Windows Updates and by installing the latest versions of programs. The little amount of time you spend updating your system will save you time in the future.

Web Surfing

Often, while surfing the Internet, dialog boxes pop-up asking you to select yes or no before continuing. It is easier to hit "Yes" to all of those boxes without looking at them; however, these popups often contain requests to install malware on your system. If you are unsure about what a popup is asking you to do, close it. Remember: it may be easy to blindly click "Yes" while surfing the web, but the resulting malware infections will cause you major problems down the road.

“Drive by” downloads of malware can happen merely by visiting a Web site or viewing an HTML e-mail message without having to explicitly click on a link on the page or pop-up. This will happen through exploitation of a web browser, e-mail client or operating system bug.

Installing downloaded software (or even purchased software)

As the old adage says, nothing in life is free; this is especially true on the Internet. Many pieces of software are not "free" but are instead "ad supported" or "provide tailored ads." This means that when you install your new program you may be installing malware along with it. Programs like Kazaa and Weatherbug are notorious for installing malware along with the main program. It is often very difficult to determine if a program is going to install malware; however, it is always a good idea to do a little research (perform a Google search for "Kazaa Malware," for instance) before you install a program.

Spam

Many types of malware use email as their method of distribution. It is always a bad idea to open attachments from people you do not know; however, some of this malware can "spoof" the "From:" address of an email, so you also want to be wary of emails from anyone if it contains attachments. If you get an email with an attachment that you were not expecting, it is always a good practice to contact the person before you open the attachment.

Peer-to-peer file sharing (like kazaa, edonkey, limewire)

Aside from getting adware and such just from installing the programs, P2P programs are also being widely used to distribute viruses & other malware. Your file sharing program isn't going to check to see what you’re downloading or sharing.

Instant Messaging & Chat Rooms

Clicking on links in messaging programs may cause your computer to automatically download and run malware. Sending poison links in IM has proven to be particularly effective in deceiving people. Since the message came from your buddy, it must be ok, right? Wrong! IM viruses can generate their own IMs and send them out to everyone on your buddy list.

Sharing a Computer

Your roommate might be your best friend, but they might do things you never would. Got kids? Consider separate computers.

New “Toys”

Everything from USB drives to GPS navigational systems and iPods to digital picture frames have come from the factory with viruses already on them.

Protecting Your Computer & Yourself Online

Top of page

Return to Malware

Quick Links Help Desk - 3765 ITS Home IT Security Services Information About... Site Index In this section... IT Security Stay Updated! Passwords Data Security Firewalls Virus Protection While Traveling... Types of Threats E-mail Safety & Spam Phishing Identity Theft Malware How Malware Gets on Your Computer Protecting Your Computer & Yourself Online Web Surfing Safely Social Networks Online Harassment Copyrights & Peer-to- Peer (P2P) Applications Related Links (external) MSU Security Web Site Help Desk MSU-Northern students, faculty and staff - Use the ITS Help Desk as the first point of contact for your technology problems, questions & services! Information Technology Services Help Desk Walk-in Support: Cowan Hall 117B Telephone Support: 265-3765 E-Mail Support: itstech Last Updated: 07-Apr-2011
	Information Technology Services: How you get Malware How Malware Gets on Your Computer Unpatched operating systems & applications Using out-of-date, unpatched, software products can potentially open the door to exploits that can be used to install malware on your system. It is important that you keep your system and all your software up-to-date by installing Windows Updates and by installing the latest versions of programs. The little amount of time you spend updating your system will save you time in the future. Web Surfing Often, while surfing the Internet, dialog boxes pop-up asking you to select yes or no before continuing. It is easier to hit "Yes" to all of those boxes without looking at them; however, these popups often contain requests to install malware on your system. If you are unsure about what a popup is asking you to do, close it. Remember: it may be easy to blindly click "Yes" while surfing the web, but the resulting malware infections will cause you major problems down the road. “Drive by” downloads of malware can happen merely by visiting a Web site or viewing an HTML e-mail message without having to explicitly click on a link on the page or pop-up. This will happen through exploitation of a web browser, e-mail client or operating system bug. Installing downloaded software (or even purchased software) As the old adage says, nothing in life is free; this is especially true on the Internet. Many pieces of software are not "free" but are instead "ad supported" or "provide tailored ads." This means that when you install your new program you may be installing malware along with it. Programs like Kazaa and Weatherbug are notorious for installing malware along with the main program. It is often very difficult to determine if a program is going to install malware; however, it is always a good idea to do a little research (perform a Google search for "Kazaa Malware," for instance) before you install a program. Spam Many types of malware use email as their method of distribution. It is always a bad idea to open attachments from people you do not know; however, some of this malware can "spoof" the "From:" address of an email, so you also want to be wary of emails from anyone if it contains attachments. If you get an email with an attachment that you were not expecting, it is always a good practice to contact the person before you open the attachment. Peer-to-peer file sharing (like kazaa, edonkey, limewire) Aside from getting adware and such just from installing the programs, P2P programs are also being widely used to distribute viruses & other malware. Your file sharing program isn't going to check to see what you’re downloading or sharing. Instant Messaging & Chat Rooms Clicking on links in messaging programs may cause your computer to automatically download and run malware. Sending poison links in IM has proven to be particularly effective in deceiving people. Since the message came from your buddy, it must be ok, right? Wrong! IM viruses can generate their own IMs and send them out to everyone on your buddy list. Sharing a Computer Your roommate might be your best friend, but they might do things you never would. Got kids? Consider separate computers. New “Toys” Everything from USB drives to GPS navigational systems and iPods to digital picture frames have come from the factory with viruses already on them. Protecting Your Computer & Yourself Online Top of page Return to Malware		Common Symptoms Some indications you have malware: Browser crashes & instabilities • Your browser closes unexpectedly or stops responding. • Your home page or preferred search engine changes to a different Web site and cannot be reset. • New toolbars are added to your browser. • Clicking a link does not work or you are redirected to an unrelated Web site. Poor system performance • Internet connection stops unexpectedly. • Computer stops responding. • Applications will not start. • Components of Windows or other programs no longer work. • Computer takes longer to start and shutdown, and is slower in general • New icons are added to your desktop. Advertising • Ads pop up even when the browser is not open. • Browser opens automatically to display ads. • New pages open in browser to display ads. Report Security Incidents Report stolen devices (laptops, PDAs, etc) and suspected computer break-ins to ITS immediately. The sooner we know about an incident, the sooner we can respond, potentially limiting any damage.