MOUNTAIN VIEW, Ca. Valentine’s Day is coming this weekend and instead of a bouquet of flowers, box of chocolates, or love notes, many lovers around the world are getting inundated with Valentine’s Day related spam and e-cards.

“It still fascinates me how successful Valentine’s Day spam is,” said Dave Marcus, security researcher and communications manager with McAfee’s Avert Labs. “It continues to plague users. It is just a good social engineering lure& and chances are if they are going to click on Valentine’s spam, they will click some other kind of spam too and continue to expose themselves to malware from bad behavior and that is the frustrating part.”

McAfee Avert Labs started seeing the first Valentine s Day related spam and e-cards as early as January 22 this year, and it has been steadily increasing since. McAfee has been tracking Valentine�??s spam to be between one per cent and two per cent of the total e-mails sent on a daily basis.

Some specific Valentine’s Day spam examples include the current wave of Valentine s Day spam containing links to domains that carry the Waledac Trojan. As well, Avert has been monitoring about 100 domains infected with this malware. Each of the domains is fast-fluxed, so there are hundreds of nameservers and thousands of IP addresses involved.

The specific strain McAfee has been tracking can be identified by their subject lines. They often begin with: “Deeply in love with you,” “I Knew I Loved You” and “I Love Being In Love With You.”

When the reader opens this spam e-mail, a URL is available to click on that takes him to a site where malware is downloaded to his computer.

Other spam e-mails contain displays that entice the viewer to click on one of the hearts. The binary file meandyou.exe is downloaded if a heart is selected.

Additional subject lines to be on the lookout for this Valentine’s Day in your inboxes include: The Best Valentine’s Day Present Ever…; Need A Valentines Gift?; and lose excess weight by Valentine’s Day.

As well, McAfee’s February ’09 Spam Report outlined other spam trends that people should be on the lookout for.

One thing that McAfee noted was that China is starting to overtake the United States as the leading supplier of the world’s spam as well as the largest target of spam.

“There are more people over there going online,” explained Marcus. “With more people online you end up with an environment that is target-rich.”

As well, watch out for a malware campaign whose subject line starts with “E-ticket” followed by a number. The message appears to confirm the purchase of a paperless airline ticket.

This scam s delivery method is a clever bit of social engineering, said Marcus that relies on the fear of having one s identity stolen. By raising the possibility of an unauthorized credit card payment, victims might click on the attachment without first thinking through the consequences, which include opening the door to identity thieves. The .zip file contains an executable that infects the machine with the ZBot Trojan.

Although anti-virus engines will catch this incarnation of the Trojan, McAfee recommends a policy of disallowing executable binaries to be delivered from unauthenticated inbound sources (chief among them, email) and administrators combine a proactive attachment-filtering policy with their standard anti-virus engines.

McAfee also reported that adult spam has hijacked space on Microsoft s live.com site to look legit.

The abuse of free hosting services continues to provide an anonymous haven for malicious groups working to bypass filters based on the host�??s reputation. Marcus said that a focus on ensuring uninterrupted use– without helpdesk calls–prevents hosting companies from using proactive filters to prevent spam and malware distribution using their systems. However, the long-term drawback to this focus is that the neighborhood of associated malicious content becomes an internet slum that can affect the perceived professionalism of legitimate service users.

McAfee Avert Labs recommends that both enterprises and consumers assure their software and patches are up to date, and that they implement a multilayered approach to preemptively detect and block attacks. Using appliances with McAfee TrustedSource Internet Reputation System and anti-malware detection technology will put organizations a giant step ahead of others both in protecting against current threats as well as new variants.

In addition, Marcus advised that people need to be aware of the verbiage of scams and spam and scams always pop up during certain events. This means that scams often appear during certain times of the year like Christmas, tax time or the Super Bowl. By being aware, it can help people not fall victim to these scams.

This column was written by Vanessa Ho of ConnectIT, an IntegratedMarCompany

a>>