Spacer Sidebar Directory Map

The Training Book, the handbook for trainers

The Training Book, the handbook for trainers

 

ITrain - International Association of Computer Trainers Your Worst Assistant
Melissa virus sends porn messages for you
ITINFO Sponsor
ITrain - Train the Trainer seminar & conference

Open to teachers, instructors, and trainers from all specialties.

This is a prerequisite for all ITrain members pursuing certification as a Professional Technical Trainer (PTT)

Seminar leader: Dave Murphy, ITrain founder

member@itrain.org
Click here: Online Details

Internet Poll
Have you attended a seminar via e-learning?
yes
no

poll archive

Melissa Virus Attacks Outlook, Exchange & Word Users
by Dave Murphy
ISSN 1535-3613

Dave Murphy, DGL President & ITrain founder Outlook/Exchange customers, including Microsoft and Intel, have been hit by a macro virus that replicates pornography-related information throughout corporate email systems.

The virus, identified as "Melissa," is unusually effective. Having originated in Western Europe, and first discovered in a sex-related newsgroup, Melissa is causing problems for corporate email users since yesterday.

"The proliferation of this virus is something we've never seen before," said Srivats Sampath, a general manager at Network Associates. He said that 60,000 people at one company had been affected.

At Microsoft, all incoming and outgoing Internet mail is being inspected for signs of the virus.

At least one division of Intel Corp. also reported problems resulting from the macro virus. A public relations spokesperson acknowledged that some of the company's email servers had gone down as a result of the exceedingly high volume of mail transmissions caused by the virus' replication.

The Melissa virus spreads via email. However, a Word document is attached to infected messages, when the document is opened, Melissa launches a macro that replicates the message (and the attached Word document) to the first 50 names in the victim's Outlook address book.

The outgoing mail is given the subject line: "Important message from, ..." and the victim's named is inserted into the subject line. The message text consists "Here is that document you asked for... don't show anyone else;-)." And to top it all off, the infected documents contains porn website information.

McAfee added the virus to its virus database today. More information on the virus is can be found on McAfee's site.

The big concern for corporate email systems is for the effect on mail servers. Usually, such viruses attack individual machines, but this one apparently can overload mail services by sending out repeated messages.

People cannot get the virus by merely opening up a message, only by opening the attached document. REMEMBER, NEVER OPEN A DOCUMENT ATTACHMENT FROM SOMEONE YOU DON'T KNOW. And now in this case, you can't even trust all the documents you receive from people you do know!

My best suggestion is to use common sense, and always be careful of anything that you receive via email.

The virus also turns off Microsoft Office's macro protection, which could leave users more vulnerable to future viruses. After cleansing their machines of the virus, those affected might need to reactivate the macro protection.

If the date and time match (for example 3/26/99 at 3:26), the virus also has a humorous side, and quotes Bart Simpson's famous Scrabble quote "Twenty-two points plus triple word score, plus 50 points for using all my letters. Game's over. I'm out of here."

Antivirus software vendor TrendMicro says that the so-called W97M_Melissa virus can attack via both Word 97 and Word 2000 documents. If the virus attacks via Word 2000, says TrendMicro, "it will lower the security setting to the lowest level by modifying the registry and will disable the Word menu commands (MacroSecurity) which allows the user to reinstate security settings."

"A minimum of 20 major companies been infected. This is spreading faster than any virus we've seen before, because we've only seen a few email-activated viruses in the wild before this," noted Dan Schrader, director of product marketing.

Schrader says the best way for companies to stamp out Melissa is to run virus protection software at the server, not the desktop, level. TrendMicro says it already updated all of its products to detect this virus as of today. The company also is offering a free service on its website, allowing administrators and customers to scan their machines for any virus, including Melissa.

What do you think about Melissa? Have you ever been affected by a computer virus? Leave your comments on the Message Center.

Related Article
Papa Virus Is Worse Than Melissa

Message Center
DGL's Antivirus Information
McAfee
TrendMicro

Subscribe to ITINFO.
Receive computing and Internet news & tips
by subscribing to the ITINFO information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Damar Group, Ltd. helps business use technology.

ITINFO is again accepting sponsors. Sponsor messages are included in ITINFO's email newsletter and are permanently posted to DGL's website and online reference areas.

ITINFO is an electronic publication of Damar Group, Ltd., publisher of Training Express computer learning guides. Comments and submissions to info@dgl.com.

Previous issues are on our website at http://dgl.com/itinfo/.

updated March 27, 1999
http://dgl.com/itinfo/1999/it990327.html

Return to DGL homepage
Copyright © 1999, Damar Group, Ltd., All Rights Reserved