Chocolate, flowers and worms on Valentine's Day?

By

There are other things more depressing than lacking a date for Valentine's Day. For starters, how about getting stung by a trojan disguised as an e-card celebrating the annual romantic holiday?

Chocolate, flowers and worms on Valentine's Day?
But the possibility is real, according to researchers from Kaspersky Lab, who estimate that about five percent of current spam traffic consists of bogus greeting card emails containing the Packed.Win22.Tibs.ic virus.

“It's a huge spam release coming out of a botnet,” Tom Bowers, senior security evangelist for Kaspersky, told SCMagazineUS.com today. “We're measuring it in the millions. There's so many people clicking on the link [to the fake e-card] that the host is having problems responding. But my sense is that people getting this are going to wait for that personalised greeting to load, no matter how long it takes.”

Bowers said the trojan is not related to the notorious Storm Worm because it is not using fast-flux tactics to spread malware from thousands of IP addresses. Instead, the trojan appears in messages containing an embedded IP address.

“It's not terribly sophisticated,” he said.

Storm, though, is not in hiding. On Tuesday, the FBI warned users to be on the lookout for spam containing variants of the trojan, which traditionally appears during holidays and major news events.

“The Storm Worm virus has capitalized on various holidays in the last year by sending millions of emails advertising an e-card link within the text of the spam email,” the FBI said in a statement. “Valentine's Day has been identified as the next target.”

According to Sophos, the messages arrive with an array of subject lines, including “I Like You,” “The Love Train,” and “Happy Valentine's Day!”

Experts expect these spam runs to peak Thursday. Users are advised to not trust email from an unknown sender and to not click on untrusted links.

"The technique of using the disguise of love isn't a new one," said Graham Cluley, senior technology consultant at Sophos. "In 2000, the Love Bug virus posed as a romantic love letter and millions of users around the world were hit. But every year we see more attempts by hackers to make what should be a day of romance a misery. All companies and organizations should teach employees safe computing practice and to be suspicious of any unsolicited emails."

See original article on scmagazineus.com
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?