Users could get a nasty shock when opening new year messages, Verisign is warning of a new worm arriving in inboxes with the subject "Happy New Year!"
The message, currently being spread from 160 email domains, requires users to click on the attached "postcard.exe" file in order to cause damage. The file will install several different malicious code variants including Tibs, Nwar, Banwarum and Glowa on the computer. It then executes mass mailings from the infected computer.
The worm is already being heavily spammed, Verisign said. The security company has found one network that is sending out five emails per second with the worm.
While the worm requires user interaction to do harm, Verisign believes that it has potential to do damage because of the "Happy New Year!" subject line. The company is warning users to be wary before clicking on messages that they think may be legitimate happy new year messages from friends.
As of last night, multiple large networks have reported interceptions of the email, Verisign said. While the "postcard.exe" attachment has the same name as an attack spread earlier this month, this is a new and largely undetected threat, Verisign said.