New “Here You Have” Worm Delivers Unwanted Gift
Global mass mailing worm masquerades as business message
but links to malware, McAfee Labs warns
A new Internet worm dubbed “Here You Have” is streaming into worldwide inboxes, offering a dangerous payload, according to McAfee Labs. The worm, which travels via spam email with the subject line of “Here you have,” or “Just for you,” masquerades as an email with a link to a video or an attached document file. However, the email actually contains a link to a malicious program that can disable security software and send itself to all the contacts in the recipient’s address book.
Corporations around the world were particularly affected by the worm on Thursday as it clogged up their email systems. Consumers could be affected as they go home and log onto their machines. For this reason, McAfee Labs has labeled the worm as a “medium” risk, and warns all computer users to delete any email with the “Here you have,” or “Just for you,” subject line.
Although the dangerous link has been taken down, neutralizing the threat, it can still spread through remote machines, mapped drives and removable media, Labs warns.
If you have an up-to-date and properly configured McAfee security software product then you are protected against this threat.
The Hook: You receive a spam email with the subject line “Here you have,” or “Just for you,” and a link or attachment that looks like it leads to a video or document file. It may appear that the email comes from someone you know.
The Methods: The email invites you to click on the link, and once you do it prompts you to download a file. This file is actually malware that disables the security software on your machine and sends itself to everyone listed as a contact in your address book.
The Dangers: Once you are infected, your computer has diminished security protection. Your machine is also being used to spam your friends and contacts. If you are on a corporate network, the network could be clogged as the worm works its way through address books.
Bottom Line: Do not click on the link in any email with the subject header “Here you have,” or “Just for you,” even if it appears to be from someone you know.