Valentine's Day is the day of love – and virus writers get into the spirit of the day by creating mass mailings of Trojans and worms masquerading as Valentine's Day messages. This practice, says Kaspersky Lab, is a perfect example of social engineering.
Darya Gudkova, head of content analysis & research at Kaspersky Lab, comments: “Every year, Valentine’s Day sees a rather high concentration of spam, the most common being fake e-cards, containing different malicious attachments. Valentine’s spam usually appears towards the end of January and continues till the middle of February and, this year, it was no different.”
This year, Valentine’s Day saw an influx in advertisements offering expensive alcohol and chocolates, jewellery and leather goods and romantic trips for two. Other goods that are traditionally advertised in spam, such as fake designer watches and Viagra, also exploited the day’s theme to grab the attention of e-mail recipients. Spammers appear convinced that there’s no better time than 14 February to increase your libido or buy cheap replicas of designer watches.
In light of this, Kaspersky Lab divides Valentine’s spam into three categories: special Valentine’s offers (like expensive alcohol, chocolate and jewellery); the usual offers which mention Valentine’s just to attract attention (such as Viagra spam); and malicious Valentine’s spam which resemble e-cards from well-known e-card services.
Some of the cards feature pictures which are well known – they show characters from popular cartoons or use Disney characters. But no matter what image is shown, the result is the same – malicious code. What's interesting is that these images are dynamic and can change each time the greetings card page is reloaded. This shows that whoever is behind this is monitoring the infected machines (part of the botnet used to host the cards) and attempting to make sure that they've hooked the naïve user.
Due to the large number of requests being made to these kinds of sites, they sometimes become unavailable. But persistent users will, in the end, get through – and get their card, together with a helping of malware.
“Most people are eager and willing to believe that a 'secret admirer' has sent them a card and open the attachment or click on the link. Once opened, such attachments can harm your computer, steal your personal data or use your computer for DDos and spam sending. Luckily however, so far, this year’s Valentine’s Day spam has been mostly harmless, but the danger of such e-mails should not be underestimated,” says Gudkova.