US-CERT has received reports of new Storm Worm activity circulating. The emails contain romantic or Valentine's Day greetings and provide links for users to click on. The links are in the form of actual IP addresses, such as http:/x.x.x.x, although actual domain names may also be used. If a user clicks on the link provided, they will be directed to a malicious website that will attempt to exploit a variety of vulnerabilities and install malware onto the user's system.
The following are examples of some subject lines currently being used. Please note that this is not inclusive and other similar subjects are likely circulating.
You... In My Dreams
A Toast My Love
Sending You My Love
Falling In Love with You
Special Romance
You're In My Thoughts
Sent with Love
Our Love Will Last
Our Love is Strong
Your Love Has Opened
You're the One
Heavenly Love
US-CERT also reminds users to beware of future phishing attacks that may target the following types of events:
Sporting Events such as the Super Bowl
Political Events such as the Presidential Primaries
Other Social Events
Holidays
US-CERT urges users and administrators to take the following preventative measures to mitigate the security risks:
Install anti-virus software, and keep its virus signature files up-to-date.
Block executable and unknown file types at the email gateway.
