The virus, which first appeared Thursday, attempts to trick recipients into surrendering their credit card data.
Yet another version of the Mimail virus is on the loose, but this one has a twist: it poses as an e-mail from PayPal and attempts to trick recipients into surrendering their credit card data.
Mimail.I first appeared Thursday and has not spread very widely yet, but the nature of its ruse is worrying to anti-virus and identity theft experts. This year has seen an explosion in both virus activity and in electronic scams aimed at relieving consumers of sensistive personal and financial data. And now the two trends have merged.
The e-mail message containing the virus has a subject line of "Your PayPal account expires," and contain a spoofed sending address of firstname.lastname@example.org. The partial text of the message reads as follows:
"Dear PayPal member,
PayPal would like to inform you about some important information regarding your PayPal account. This account, which is associated with the email address
will be expiring within five business days. We apologize for any inconvenience that this may cause, but this is occurring because all of our customers are required to update their account settings with their personal information. We are taking these actions because we are implementing a new security policy on our website to insure everyones absolute privacy. To avoid any interruption in PayPal services then you will need to run the application that we have sent with this email (see attachment) and follow the instructions. Please do not send your personal information through email, as it will not be as secure."
The attachment is named www.paypal.com.scr and contains the virus. Once the virus executes, it sends copies of itself to all of the e-mail addresses it can find in various locations on the machines hard drive. It also opens a dialog box, which contains the actual PayPal logo, and asks the user to enter credit card number, expiration date and other data.
MessageLabs Inc., a New-York based e-mail security provider, reports stopping nearly 5,000 copies of Mimail.I since Thursday.
The virus is just the latest in a long line of attempts by criminals to use e-mail to steal users personal information. All spring and summer, Internet users have been assaulted by similar scams claiming to come from PayPal, eBay Inc., Amazon.com and various banks. They all ask recipients to enter either credit card data, Social Security numbers or other sensitive information.