Types of Malware
In the computer world, bad things come in several different forms. Here are some of the main types.
Years ago, computer malware was written mostly for pranks, vandalism, boasting and other non-commercial motivations. In recent years, organised crime has discovered its uses. Malware can be used in various criminal ways to make or steal money. These include identity theft and gaining access to bank accounts or credit cards. Another option is to get control of a computer without the owner's permission, and then use it for criminal purposes, such as part of a botnet.
Virus
A programme or code that replicates by inserting a copy of itself into a programme, boot sector, partition sector or a data file that supports macros.
Typically, a virus will activate as soon as an infected programme is operated, and will infect other files on that computer. The infection spreads when someone moves the infected file to another PC, eg via floppy disc or email.
Worms
A worm propagates by sending copies of itself across a network. Often this is over the internet via email, but there are other variations.
Typically, the worm sends itself to email addresses it finds on the infected computer. It arrives looking like an email encouraging you to open the attachment, which of course releases the worm to infect your PC.
Trojans
This is a programme that is on your computer without your knowledge or permission. It doesn't replicate itself, nor send copies of itself to other computers.
A trojan is commonly installed by a programme pretending to do something else, such as a screensaver or joke application. Trojans are used to capture keystrokes (hence passwords, credit card details) and send these to an email address, or to create a backdoor through which someone can access your computer via the internet.
Phishing
Phishing means attempting to fraudulently acquire sensitive personal information such as credit card details, bank account passwords, etc.
A common phishing tactic is to send an official-looking email to entice the victim to the criminal's website. For example, the email could look like one from your bank, asking you to check your account and providing a link. But this link actually goes to the criminal's website, which looks exactly like the real one, except it records your password when you enter it. They can then access your bank account.
Similar approaches are used to attempt to get details of the victim's credit card, internet or PayPal account.
Network Attacks (Cracking)
A network attack is when someone (either directly or using an automated programme) breaks into your computer over a network, such as the internet. They might do this for fun, to steal information (passwords, credit card details) or to hijack your computer for their purposes.
The cracker uses tools (eg a port scanner) to probe what sort of computer you have, then they use programmes designed to exploit known vulnerabilities in your type of system.
There's some confusion between crackers and hackers. Hackers are the good guys who hack code (write software). Crackers are the bad guys who break into computer systems, generally with tools someone else wrote. Crackers are also called script kiddies. In recent years, the popular media has picked up on computer stuff, but has confused the meanings of these terms.
Hoaxes
A hoax is designed to trick you into doing something that you wouldn't do if you realised the true story. Generally, these propagate in chain letter fashion, saying you must immediately send it on to everyone you know.
Hoaxes are mostly just a waste of time and bandwidth, but some of them trick people into wrecking part of their system.