Computer Viruses: What Happened?
Computer viruses have become increasingly complex, entering your system unseen and delivering a payload that metamorphoses into several types of threats while opening doorways for others to follow. But how did it get into your computer in the first place?
Social Engineering:
Since the dawn of hacking, the first and most powerful tool at the disposal of the “bad guys” has been social engineering. It comes in the form of an email subject line you simply cannot pass up opening, a link to a video so interesting that you upgrade your Flash player just to see it, or a document from someone you know. Before you know it, the first fifty people in your Outlook address book are getting emails from you that you never sent, containing the same subject line, video link or document. The recent Koobface threat to Facebook was based on this exact strategy.
Virus-Infected Files:
Once a virus is in your system, its job is to spread. By injecting itself into files, such as Word documents, a virus can spread to other computers along with the file. This goes hand in hand with social engineering, which tries to get you to open the file in question. Once the file is opened, the virus can automatically attempt to infect all other files of the same type on your system, making copies of itself and sending them to all your friends. Once a friend opens one in Outlook, the entire cycle begins anew.
Worms:
Worms actively crawl around, looking for places to hide and spread. If you are connected to the Internet, or even a local network with other infected systems, you can be hit by a worm. Worms can spread around the world with alarming speed, exploiting technical vulnerabilities left open by programming mistakes, or by programmers who are not rigorously paranoid about security. The vulnerabilities these “exploits” target can often be patched, which is the biggest reason to make sure you have all your updates in place on a regular basis. Occasionally a vulnerability will not be fixed right away, leaving millions of people at risk of infection.
Drive-By:
Not just for gangland anymore, Drive-By is a term used to describe what happens when an unprotected system visits an infected website. Simply visiting the site can allow a program onto your computer, which then infects it. Recently a vulnerability in the Adobe Flash player put more than 80% of the world's computers at risk of infection until a new version of Flash was released almost a week later.
How to avoid this? Your best defense is your BS detector. Tune it in. Avoid emails with suspicious subject lines. Avoid toolbars and downloaders. Never download a video codec or update your player to see that cool clip. Don't just “cruise the web” unless you are certain of your anti-virus and anti-spyware programs and their capabilities, because you may think you're cruising the Information Superhighway, but in reality you're driving down a dark alley in a bad neighborhood.
Michael Stairs, Owner, Go Computer Services, has more than thirty years of computer experience and took it personally when he first discovered a virus on his system.
