Valentine's Day is almost here.  While your friends and loved ones are crafting their e-cards, malware authors are also releasing their annual love letters into the mix. Win32/Waledac started a bit early, we noticed it’s Valentine theme spam mails as early as January 26th. However, as Valentine's Day draws near, we still see a spike in the release of new variants.

It's sometimes difficult to identify malicious emails by subjects and message bodies alone. With malware such as Win32/Waledac sending messages that contain a link to a malicious Web site capable of hosting exploit codes, aside from not executing unexpected email attachments, the best bet is to stay up-to-date with OS and application security updates.
 
Recent Win32/Waledac spam messages contain a link to a web page offering an e-card creation tool:

Needless to say, the 'tool' referenced by the link on the page is Win32/Waledac itself, aimed at generating another e-card courtesy of the malware author, not for you.
 
If you ask me, I will take fresh flowers or a nice dinner instead of an email any day of the year.

For more information regarding Win32/Waledac, please see our encyclopedia.
 
Lena Lin & Shali Hsieh