At least two romance-themed security threats are arriving in e-mail in-boxes on Wednesday, researchers have warned. One purports to be an electronic card from American Greetings and includes "Happy Valentine's Day!" in the subject line. When a recipient clicks on an in-message link to view the "card," however, a Trojan horse virus surreptitiously turns the computer into a spambot, or zombie, said Dmitri Alperovitch, a research scientist at Secure Computing.
The virus quickly became one of the top five threats of the day, with a few million infected e-mails detected, Alperovitch said. However, it is not expected to become a long-term threat.
The other threat is a worm-laden e-mail attachment that, when opened, sends itself to e-mail addresses stored on the recipient's computer. It may attempt to download malicious code designed to take control of the machine and turn it into a zombie, according to security experts at Sophos.
The e-mail subject lines used in that attack can vary from "Be My Valentine" to "Happy Valentine's Day" or "Valentine Love Song."
This worm accounted for more than three-fourths of all the malicious software listed on Sophos' virus monitoring network Wednesday morning, the company said.
Both of the e-mail attacks affect Windows machines, including Microsoft's new Vista operating system, security experts said.
Of a sample of Web searches last week through the weekend, one in 48 searches were Valentine's-related and, of those, one in seven results yielded malicious software, according to Web security services provider ScanSafe.
Malicious hackers and spammers often piggyback on holidays, celebrity scandals and global events for timing their attacks. Many people are particularly susceptible to opening fake greeting cards on Valentine's Day, said Alperovitch of Secure Computing. One of the first widespread Internet viruses, the, also preyed on lower resistance to scams in matters of the heart.
Computer owners are urged to use updated antivirus software, which is designed to filter out attacks. However, the safest computing practice is to just delete suspicious e-mails or messages from unknown senders, no matter how lovelorn you are, experts say.