A major new malicious attack has been affecting Internet users since yesterday afternoon. New variants of the Dorf family of malware (which had previously spread as breaking news of deaths caused by European storms) are now using disguises associated with love and greeting cards. 


According to Sophos, a wide variety of subject lines are being used in the spam campaign, including "You're so Far Away", "I Dream of you", "Dream Date Coupon", "Together You and I", "A Bouquet of Love", "So in Love" and "Cuddle Up".
Attached to the e-mails are files called 'flash postcard.exe' or 'greetingcard.exe'.  When opened, the worm attempts to send itself to other email addresses found on the user's PC, while also attempting to download further malicious code from the internet, designed to take over the computer and use it to send spam on behalf of hacking gangs.
Brett Myroff, CEO of master Sophos distributor, NetXactics, says the attack is taking place against Internet users right now around the world, resulting in a deluge of spam being relayed from innocent users' computers.
People must learn to think before they click, says Myroff.  “It may be tempting to open an attachment which you think is a greeting card or a message from a loved one, but this can get you into trouble sometimes.  The best defense is common sense, combined with up-to-date anti-virus software and e-mail filtering at your gateway."
Sophos recommends companies automatically update their corporate virus protection, and run a consolidated solution at the email gateway to defend against malware, spyware and spam.