News Stay informed about the latest enterprise technology news and product updates.

Beware: Love may bite on Valentine's Day

Beware: Love may bite on Valentine's Day

Valentine's Day is a time for showering your sweetheart with gifts and signs of affection.

But, be wary of Valentine's Day sentiments to your e-mail inbox. Don't let your excitement cloud your tech savvy. Virus writers just may bank on you letting your guard down and falling prey to their social engineering technique.

"Users should be on alert," said Chris Wraight, technical director with Sophos. "They shouldn't forward electronic Valentine's cards as they are executables."

Sound paranoid?

Panda Software cites the following examples of past attacks that used Valentine's Day and tidings of affection to infect systems:

  • The ILOVEYOU e-mail worm spread widely using the subject line "ILOVEYOU" to entice users into opening the message.
  • The VBS/Valentin virus hit mobile phones users with a Valentine's Day message and encouraged them to visit a Web page where a malicious file called LOVEDAY14-B.HTA was copied to the user's system.
  • The W32/Matcher virus promised that its attachment was a way to find a partner (rather than being a virus). The body of the message said "Want to find your love mates!!! Try this its cool."
  • A hoax warning of a "Be My Valentine" virus has also circulated on past Valentine's days.

So, what should a person do? Delete all e-mail with attachments? Users should use the same caution they do the other 364 days of the year. For example, don't open attachments, even from people you know, unless you requested it, Wraight said. Call or e-mail the sender to make sure the message is legitimate.

Some viruses spread via an infected user's Outlook address book, so it wouldn't be unusual for a virus such as the ILOVEYOU virus to come from someone you know, Wraight said.

Wraight cites the recent MyParty worm as an example. The malicious code came purporting to be a link to a Web site containing pictures of a recent family trip. MyParty was an executable, but labeled with suffix, hence computers recognized it as a link, Wraight said.

"Send your message using simple ASCII text or better yet do it in person or on the telephone," Wraight said.

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.