Worried about the Conficker worm striking on April 1st? A few simple steps can protect you

Worried about the Conficker worm striking on April 1st? A few simple steps can protect you.

Target: All users of Windows XP and Windows Vista.

The Conficker worm is a computer worm that can infect your computer and spread itself to other computers across a network automatically, without human interaction.

What does the Conficker worm do?

Today the worm has created an infrastructure that the creators of the worm can use to remotely install software on infected machines. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.

The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.

How does the worm infect a computer?

The Conficker worm tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. If you automatically receive updates from Microsoft you may already be protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.

Who is at risk?

Users whose computers are not configured to receive patches and updates from Microsoft and who are not running an up to date antivirus product are most at risk.

Advice to Stay Safe from the Conficker Worm:

1. Run a good security suite (we suggest Symtec EndPoint Protection).
2. Keep your computer updated with the latest patches. If you don’t know how to do this, contact us for further help.
3. Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.
4. Turn off the “autorun” feature that will automatically run programs found on memory sticks and other USB devices.
5. Be smart with your passwords. This includes

1. Change your passwords periodically
2. Use complex passwords – no simple names or words, use special characters and numbers
3. Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards

FAQ’s

Q: Am I safe if I don’t go to questionable web sites?

A: No. The Conficker worm seeks out computers on the same network. You can be in a coffee shop, an airport or in the office and the worm will quietly try to attach to your computer and run itself.

Q: How do I know if I am infected?

A: The best way to know if you are infected is to run a good antivirus product. One symptom that may indicate you are infected is finding that your computer is blocked from accessing the web sites of most security companies.

Sources: symantec.com and microsoft.com