Malicious Code Spreading Via Valentine’s Day Spam
Original release date: January 29, 2009 at 12:55 pm
Last revised: January 29, 2009 at 12:55 pm
US-CERT is aware of public reports of malicious code circulating via
spam email messages related to Valentine’s Day. These messages contain
a link to a website that contains several images of hearts and
instructs users to choose one image. If users click on one of the
images, they will be prompted to download an executable file. Reports
indicate that the executable files could be named: youandme.exe,
onlyyou.exe, you.exe, and meandyou.exe (please note that these file
names may change at any time). If users accept the download, malicious
code may be installed onto their systems.
US-CERT encourages users and administrators to take the following
preventative measures to help mitigate the security risks:
* Install antivirus software, and keep virus signatures up to date.
* Do not follow unsolicited links and do not open unsolicited email
messages.
* Use caution when visiting untrusted websites.
* Use caution when downloading and installing applications.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document
for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks
document for more information on social engineering attacks.
Relevant Url(s):
http://www.us-cert.gov/cas/tips/ST04-014.html
http://www.us-cert.gov/reading_room/emailscams_0905.pdf
Granny, on TV the other night the newscaster was talking about a computer virus that was called the “plague.” If you see anything about that can you post it here? I’d look it up but I’ve been doing my posting from work and my time is a bit limited. When my computer finally agrees to go online I’ll be able to keep up better.