“Joe, How did I get this thing? What did I do wrong?” The answer to that can sometimes be nothing. One of the problems with Windows XP and all previous versions of Windows is that the default is to operate at all times at the highest level of administrative privilege. with Windows Vista and 7 one operates at a level half a step below that through what’s known as User Account Control, UAC. When you do something that requires top administrative privilege such as installing some new software, UAC pops up a window asking if you want allow this program, i.e. the installer, to modify your system. This gives you a chance to rethink things if you meant to do it or to say no if you weren’t intending to do this. When they pop up out of the blue, say “No!” UAC can be turned off, but I highly recommend against it although I’ve had customers complain about the pop-up.
So one way that viruses can propagate is for you do do nothing. There is a command within HTML, the World Wide Web page description language that is called “On Mouseover.” Thus just by being on a rogue page and moving your mouse over the described area which can be completely blank otherwise a java script can be activated to install malware.
Another method is in email attachments. Anti-virus software such as Norton or AVG scan emails as you download them but can’t help you much if you use gmail, AOL, or Comcast/Verizon from the web page rather than with a standard POP email client. Don’t open attachments that come from people you don’t know and be wary of the ones you do. Usually one can detach an attachment and the scan it with the antivirus program.
All those guys from Nigeria…..They’re fake.
Phishing is a form of social engineering designed to get you to divulge personal information. You might get an email from a financial institution telling you to click on a link in the email and “verify your account.” No legitimate company does this, so don’t fall for it. I have received phishing probes on my business email account that really looked like legitimate business so I pursued them until they tried something like sending me a check for an amount far above the cost of the work they wanted done and asking me to deduct my fee and write a new check on my account and send it to a third party. Their check will bounce and I’m out the difference as well as they now have my account number and bank routing information. BTW, this happened to us with our paper checking account a couple of years ago. My wife wrote a check for a modest amount of around $30. The clerk palmed the check and made her till good from her pocket. Then she got some checks printed up with our routing and account numbers and a different address and name. Then they started kiting checks all over Annapolis.
We all know the tale of the Trojan Horse. During the Hellenic Wars the Greeks who were besieging the city-state of Troy, built a large wooden horse on wheels and placed it outside the gates of Troy. Then they apparently broke camp and gave up on the siege. The Trojans came out and wheeled the gift into their city, but at night the small band of commandos who had been hidden in the belly of the horse came out and let the returned Greeks into the city which was conquered and destroyed to such an extent that archeologists are unsure where Troy actually was. This is a long-winded introduction to Trojan Horse transport. When you install something like a game or a screen saver, there’s a little extra gift inside. Only install stuff from legitimate sites and companies.