Worms and Viruses: What are they?

Computer Virus

In computer security terminology, a virus is a piece of program code that makes copies of itself and spreads by attaching itself to a host, often damaging the host in the process. The host is another computer program, often a computer operating system, which then infects the applications that are transferred to other computers. As with all code, viruses use the host's resources: memory and hard disk space, amongst others, and are sometimes deliberately destructive (erasing files / formatting hard disks) or allow others to access the machine without authorization across a network.

Internet worms are frequenty spread via email

Internet Worm

A computer worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; a worm is self-contained and does not need to be part of another program to propagate itself. In addition to replication, a worm may be designed to do any number of things, such as delete files on a host system or send documents via email. More recent worms may be multi-headed and carry other executables as a payload. However, even in the absence of such a payload, a worm can wreak havoc just with the network traffic generated by its reproduction. Mydoom, for example, caused a noticeable worldwide Internet slowdown at the peak of its spread.

Apart from worms and viruses, other related security violations include ...

Phishing is the luring of sensitive information, such as passwords and other personal information, from a victim by masquerading as someone trustworthy with a real need for such information. It is a form of social engineering attack. Typically the email will appear to come from a trustworthy company and contain a subject and message intended to alarm the recipient into taking action. A common approach is to tell the recipient that their account has been de-activated due to a problem and inform them that they must take action to re-activate their account. The user is provided with a convenient link in the same email that takes the email recipient to a fake webpage appearing to be that of a trustworthy company. Once at that page, the user enters her personal information which is then captured by the fraudster.

Internet Protocol Spoofing
Internet Protocol spoofing (IP spoofing) is the creation of IP packets with a forged (spoofed) source IP address. The header of every IP packet contains its source address. This should be the address that the packet was sent from. By forging the header, so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. This can be a method of attack used by network intruders to defeat network security measures, such as authentication based on IP addresses.

(definitions adapted from Wikipedia)