McAfee: New “Here You Have” Worm Delivers Unwanted Gift
September 2010 by McAfee
A new Internet worm dubbed “Here You Have” is streaming into worldwide inboxes, offering a dangerous payload, according to McAfee Labs. The worm, which travels via spam email with the subject line of “Here you have,” or “Just for you,” masquerades as a business email with a link to a PDF file. However, the email actually contains a link to a malicious program that can disable security software and send itself to all the contacts in the recipient’s address book.
Corporations around the world were particularly affected by the worm on Thursday as it clogged up their email systems. Consumers could soon be affected as they go home and log onto their machines. For this reason, McAfee Labs has labeled the worm as a “medium” risk, and warns all computer users to delete any email with the “Here you have” subject line.
Although the dangerous link has been taken down, neutralizing the threat, it can still spread through remote machines, mapped drives and removable media, Labs warns.
The Hook: You receive a spam email with the subject line “Here you have” and a link that looks like it leads to a PDF file. It may appear that the email comes from someone you know.
The Methods: The email invites you to click on the link, and once you do it prompts you to download a file. This file is actually malware that disables the security software on your machine and sends itself to everyone listed as a contact in your address book.
The Dangers: Once you are infected, your computer has diminished security protection. Your machine is also being used to spam your friends and contacts. If you are on a corporate network, the network could be clogged as the worm works its way through address books.
Bottom Line: Do not click on the link in any email with the subject header “Here you have,” even if it appears to be from someone you know.
Tips to Avoid Becoming a Victim:
1) Never click on a link in a spam email or IM from someone you don’t know, and be suspicious of strange emails from people you do know. Their account could have been compromised.
2) Use comprehensive security software, like McAfee Total Protection™ software, to protect you from viruses, spam, and other Internet threats, and keep the software up-to-date.
3) Set your operating system and browser to automatically apply updates.
Tips on What to Do If You Have Become a Victim:
You think your computer is already infected, now what?
To check if you have malware installed on your PC, scan your computer for free using the McAfee Stinger tool, go to: www.mcafee.com/stinger-tool