What is a computer worm? Here's how to protect yourself from the replicating malware

• A computer worm is a type of malware that, once it infects a machine, can automatically copy and extend itself to connected devices.
• A worm is very similar to a virus, and you can get infected by one in the same way — mainly by clicking an infected link or opening a compromised file.
• You can avoid being infected by a worm using common anti-malware advice. Use antivirus software, keep your computer up to date, and never open links or files which you don't completely trust.

A computer worm is a form of malware that, once it has infected a computer, continues to replicate itself on the infected computer as well as automatically infecting other computers it comes in contact with. It's similar to a virus, but a worm is somewhat more sophisticated, able to proliferate without any human intervention.

How a computer worm works

Like any malware, a computer worm requires a human being to initiate the infection. The primary vectors of infection are email and websites. A worm can be embedded in a compromised email attachment or link within the message and often comes as part of a phishing scheme, where the infected file is masquerading as something legitimate, like a document or spreadsheet. Less commonly, worms can be installed if you visit a compromised website and click a link that activates the worm.

After the worm has been installed on your computer, it goes to work making copies of itself. Some are programmed to automatically infect any computer on the same local network. Worms might also be able to infect any device that connects to that computer automatically.

Strictly speaking, that's all the worm does — any malicious activity would be a result of the worm's "payload." Some worms have no malicious "payload" at all and simply replicate themselves. This can be destructive on its own because, in time, it will consume all available system resources and storage space. The worm might also delete important files to make room for additional copies of itself.

Additionally, the worm might be equipped with a payload — this might be to open a backdoor to the PC for hackers or to implant additional malware to steal sensitive information like usernames and passwords, or to use the computer as part of a distributed denial-of-service (DDOS) attack.

How you can avoid getting infected with a worm

Once infected, you can try to remove it in the same way as any malware — with antivirus or anti-malware software. Likewise, you can avoid getting infected to begin with in the same way: by taking common-sense precautions to avoid malware.

• Keep your computer up to date by manually updating Windows or letting it install automatic updates. This can have a substantial impact on limiting your security vulnerabilities.
• Use some kind of antivirus or anti-malware software. You can use the virus and thread protection built into Windows or employ more comprehensive third-party antivirus apps.
• Be careful when you click links and open attachments. The same advice always applies when it comes to malware: Never click or open anything you do not trust, whether it's in an email or on a website.

Related coverage from Tech Reference:

• Ransomware can encrypt your files and force you to pay money — here's how to avoid ransomware, or deal with an infection

• What is phishing? Here's what you should know about the virtual scamming technique and how to protect yourself from data theft

• 'What is a WPA2 password?': A guide to WPA2, the safest type of Wi-Fi password you can have

• 'What is my IP?': Here's what an IP address does, and how to find yours

• What is a cache? A complete guide to caches and their important uses on your computer, phone, and other devices