Unlike viruses that need to infect a file, a boot sector, or a document, worms can spread all by themselves. The two most common ways a worm can spread are through email and security flaws in computers connected to a network or the Internet.
Worms that use email to spread are known as mass-mailing worms, are typically written in a variant of the Visual Basic programming language, and usually exploit the Microsoft Outlook or Outlook Express emailing programs on Windows. Typically, the worm checks a user's Outlook or Outlook Express address book for a list of stored email addresses and then the worm sends a copy of itself to each address.
Mass-mailing worms can spread particularly quickly since they tend to come from someone that the victim knows. The recipient is likely to read the email and accidentally help the worm spread to their own address book of email addresses.
Mass-mailing worms most often target Microsoft Windows users running Microsoft Outlook or Outlook Express, because those are the most common operating systems and email programs. Thus, one way to protect yourself against a mass-mailing worm is to either use a different operating system (such as Linux or the Mac OS) or use a different email program (such as Eudora or Pegasus).
Internet worms, in contrast, spread by searching the Internet for a computer running a specific type of operating system or webserver with a known flaw in it. Once the worm finds a vulnerable computer, the worm copies itself to that computer through the known flaw and then proceeds to use that computer to look for other targets to attack.
Sometimes the mere existence of a worm mass mailing or copying itself across the Internet can cause your computer to slow down or even crash without the worm deliberately trying to harm your computer. Other times the worm may include a pay-load that wipes out data, infects your computer with a virus, or retrieves documents at random from your hard disk (which could include sensitive business or highly personal documents) before mass mailing them to everyone listed in your Microsoft Outlook or Outlook Express address book.
Like mass-mailing worms, Internet worms often target the most popular operating systems (such as Microsoft Windows or Unix) or webserver programs (such as Apache or Microsoft IIS).To reduce the risk that an Internet worm will target your computer, you can either use less popular operating systems or webserver programs, or constantly install software "patches" to your operating system or webserver program, which essentially close all known flaws that Internet worms use to spread themselves.
Many antivirus programs can now detect worms as well, so make sure you keep your antivirus program updated regularly for maximum protection against both viruses and worms.