Earlier this year, researchers discovered a particularly nasty worm that had hitched a ride on a number of digital picture frames. The worm not only blocked anti-virus protection from almost 100 security vendors, it also skirted the firewall and security features built into Microsoft Windows. Once the digital picture frames were connected to a PC, the worm was able to remotely download files and hide them on the PC, making the worm difficult to track and remove.

While most of us have become accustomed to guarding against malware in applications and on the web, it turns out we have a lot more places to worry about—places that aren’t necessarily obvious, or even very common, yet malware has managed to find its way there.

The worm that infected the picture frames was from China, but it spread as far as Russia and Singapore and spawned over 67,000 variations. The cyber crooks behind it wanted to steal passwords for online games; however, the sophistication of the threat suggested that they were capable of designing an attack that could do even greater damage.

It’s still unclear how the picture frames got infected. Initial consumer complaints cited frames purchased over the holidays from Sam’s Club and Best Buy, but since then, infected frames have been tracked to other retailers, such as Target and Costco. Researchers venture that the virus could have been spread by an infected machine at the manufacturer’s site or in the retail outlets.

While we don’t know the exact origin of the worm, we do know that the proliferation of new digital devices has opened the door to yet another layer of risk. Consumers may be used to securing their computers and even their cell phones, PDAs and memory sticks, but they may not be used to securing against risks in unexpected places. (For more insight into malware in expected places, such as PDFs, read this month’s article Malware in Unexpected Places, Part II: Threats in "Trusted" Applications.)

In addition to digital picture frames, malware has have also been found in music-playing sunglasses, iPods and global positioning system (GPS) devices. In each case, the infections seemed to originate from the manufacturing plant. Once connected to a computer, those consumer devices were able to spread their infections. The cases were rare, but the potential damage is not insignificant.

So, a word of warning to consumers: be cautious when using unknown computer-connected device. Consumer products such as GPS units, music players, USB drives and digital picture frames are all considered as external drives that could potentially harbor malware.

Here are a few things you can do to help protect yourself from threats hidden in consumer devices:

1) Run anti-virus software on your PC that scans any external drive connected to it, such as McAfee® VirusScan® Plus, McAfee Internet Security and McAfee Total Protection. Also, make sure that you keep your anti-virus protection up to date to guard against the latest threats.

2) Disable the Windows AutoPlay feature on your computer. You want to make sure that you have the opportunity to scan any connected device before you run it.

3) Perform a manual scan of the external drive with Windows AutoPlay disabled to make sure that the drive won’t harm your PC.

While it’s difficult to guard against a virus as insidious as the one that infected the digital picture frames earlier this year, we can protect ourselves from a host of other potential threats by putting these best practices into place. And with new consumer devices coming into the market all the time, it pays to be vigilant.