Beware of Valentine's spam, warns IT security firm

 Even as people gear up to celebrate St. Valentine’s Day Tuesday, spammers are working overtime to hack into computers of online users on the romantic occasion with spam mails having catchy words in the subject line, warns global computer security firm Kaspersky Lab.

"Beware of e-mails with attractive words or deceptive offers to lure online lovers on Valentine’s Day as they could be from unknown source or spammers on hacking spree to steal personal details, including credit card numbers," Kaspersky spam analyst Maria Namestnikova said in a statement from Moscow.

Cautioning users against opening e-mails carrying catchy words like ‘coupon’ in the subject line for goods or services, the analyst said even some companies put their offerings on a coupon service and then via spam advertise them to reach a bigger audience.

“Users should be careful in opening such mails as they could be a trick by spammers to attract their attention on a romantic occasion to gain access to their personal details,” Namestnikova warned.

The anti-virus software firm recently detected a spam mail from a company offering an e-mail recipient to buy a small gift for his/her beloved on St. Valentine’s Day, using a discount that was obtainable via the coupon service Groupon.

“Though use of coupon services is a legitimate method of advertising, their popularity brings with it potential threats of phishing attacks. Phishers can be interested in users having funds in their accounts, which they can spend immediately when an offer takes their fancy,” the analyst noted.

Phishing is an online communication used to acquire information such as usernames, passwords and credit card details by masquerading as a trustworthy entity through social websites, auction sites and online payment gateways.

A phishing attack is carried out by e-mails directing users to enter details at a fake website, which appears to be identical to the genuine one.

“Over the next few days, lovers should not open e-mails from un-registered coupon services to protect from phishing attacks or mail-outs of malicious code. Similarly, if an e-mail comes with a commercial offer, do not respond as it could be from a spammer,” Namestnikova said.

Hackers and spammers will also try to deceive users by asking them to verify their account via a link to get hold of login name and password.

“Large organisations do not ask their customers to send login and password via e-mail, as any such request would be an attempt at stealing personal accounts,” the analyst observed.

Kaspersky also warned online users and would-be lovers from opening any message asking to download a particular link via e-mail, as it could be a malicious one from phishers.