Sophos technical support has received a number of enquiries from
users who have received an unsolicited electronic Valentine card
via email, concerned that it might be a virus.
The email arrives from cupid@valentines-ecard.com with the
subject line "You have been sent a Valentines Card!". The message
inside the body of the email invites users to pick up their
personal Valentine from a website called
www.valentines-ecard.com.
However, when users visit the url named in the email, they are
invited to download their card in the form of an executable
program. If this program is launched, three Browser Help Objects
that integrate with Microsoft Internet Explorer are installed, and
a Macromedia Flash animation is displayed with the following
text:
Hey cutie!Just wanted to say happy
valentines day and i miss chatting to you! Where have you been? Oh
you probably don't know who this is? Well lets keep that a secret
for now. Have a great vals day!Lotsa Love, Your secret admirer!
It appears that the changes made to Internet Explorer are
designed to track internet usage and report it back to an outside
agency, possibly for marketing or advertising purposes. The files
are not viruses and are not malicious, but they could be considered
to be adware.
"This appears to be an unsophisticated attempt to spread a
little love, but with an unusual payback - potentially useful
marketing information about users' internet surfing habits," said
Graham Cluley, senior technology consultant at Sophos Anti-Virus.
"Companies may want to consider blocking executable code at their
email gateway and advise their staff to accept love letters only
through more traditional, romantic routes."
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.