Among the countless electronic greetings that will be exchanged between friends, lovers and secret admirers over the next few days are some that the recipient will not be happy to receive; spam e-mails disguised as legitimate e-cards spreading malicious software.
According to the FBI, the bogus e-mail directs the recipient to click on a link to retrieve the electronic greeting card, but once the user clicks on the link, malware is downloaded to the Internet-connected device, causing it to become infected and part of the Storm Worm botnet.
Botnets are networks of compromised machines under the control of a single user that are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines on the Internet.
The Storm Worm virus has previously spread itself using millions of spam e-mails that contain a bogus e-card link; with mailings timed to coincide with various holidays – the celebration of Valentine's Day having been identified as its next target of opportunity.
The Storm Worm was originally launched by the "Zhelatin gang," so named because of the Trojan it was spreading, and was first spread through e-mails with the subject line: "230 dead as storm batters Europe," hence its name.
Subsequent attacks used other ruses, from reports of genocide to "must see" videos on YouTube, in order to lure victims into clicking on a contaminated link.
In response to this evolving threat, the FBI advises that consumers be wary of any e-mail from an unknown sender and not to click on any links within such e-mails.
Those consumers that have received a suspect e-mail can file a complaint with the IC3 by visiting www.ic3.gov.