Computer experts are warning a destructive new e-mail worm has swept into mail boxes over the weekend.
Users should delete all e-mail that begins "Hi! How are you?" Under no circumstances should they click on an attachment in such an e-mail.
Thaweesak Koanantakool, director of the National Electronics and Computer Technology Center, said Thai users unwittingly spread hundreds of copies of the "Sircam" worm between Friday and yesterday, and he had the unhappy, personal proof of that on his own computer. "On Friday and Saturday, I received more than 100 e-mail messages" with the viral program attached, said Mr Thaweesak.
U.S. monitors said that in five days, the worm had become the top computer security problem in Asia.
The e-mail itself is harmless, even if read. The worm is spread only when the e-mail recipient clicks on the attachment. Sircam is similar to previous worms and viruses spread by e-mail but has two additional features which are particularly nasty it can spread across networks and it can effectively wipe all programs from a host computer. The body of the e-mail invariably begins "Hi! How are you?" in English, or "Hola como estas?" in Spanish. After this is an apparently personal message from the sender, inviting the user to click on the attachment. One giveaway: There is no specific reference to what the attachment is, or what it does.
In fact, it is the worm, and clicking on it will infect the machine of the e-mail recipient, and begin a new round of infections. The worm will activate and may mail copies of itself to everyone listed in the user's e-mail address book. "I think, I am 99.9% sure, that on Monday, we will have sad news for Thai business," said Mr Thaweesak.
Users can inadvertently cripple their computer if they delete the worm, which insidiously installs itself in the recycle bin with already-deleted files. Under specific circumstances, Sircam can also wipe out files, access to the registry database or make the computer incapable of starting. Security experts said all major anti-virus software vendors have updated files available to find and safely remove Sircam.
JEAN
Quote of the week: "Learn from the mistakes of others........ You can't live long enough to make them all yourself"