Texas A&M University System Faculty Security Awareness Training

Malware

Malware is a generic term for software or code that is designed to operate in a manner that is inconsistent with the intentions of the user and which typically results in annoyance or damage to the user's information systems. Examples include: viruses, worms, Trojan Horses, attack scripts, and spyware.

What can Malware do?

Delete or change files
Erase your hard drive
Release confidential information stored on your computer by emailing it to random email addresses or the address of the virus writer
Change your security settings

Signs your computer may be infected:

Programs open and close on their own, or no longer work
Files are missing or unknown files appear
Your computer suddenly runs significantly slower than normal
Random error or warning messages begin to appear

How to Prevent Malware from Infecting Your Computer:

Install antivirus software, such as Symantec or McAfee, and keep it up-to-date. Check with your IT personnel to find out if you already have antivirus software installed on your computer, or if you have any questions.
Scan files from portable media (e.g., CDs/DVDs, zip disks, or thumb drives) before opening them. You can do this manually, or you can set your software to automatically scan files being transferred to or copied from external media.
Be cautious of unusually large email attachments or those with executable extensions (e.g., .com, .exe, .bat, .vbs, .dll). Recognizing the name in the "FROM:" line does not ensure that the attached file is virus-free.
Use discretion when downloading software from any website other than the software company's site or a trusted download site, because it could come bundled with malware.
Configure a secure browser setting that automatically disallows potentially dangerous technologies (e.g., ActiveX or Java) from running on the website, and exempting those only from trusted sites.
Use discretion when dialog boxes pop up, asking you if want to allow an ActiveX control (e.g., a media player or an interactive animation) to run, because it could be an attack script.

For example, if you're asked to allow an ActiveX control to run, ask yourself if you completely trust this site. You can usually view the page even if you don't allow it.

Note: One of the most common ways of getting infected even if you don't download and install a program directly is via driveby downloads.