The text of the message asks the reader to click on a link to view a selection of Valentine's Day 'e-cards'. However, clicking on the link simultaneously downloads the malicious file Packed.Win32.Tibs.ic. The screenshots of the message and some of the e-cards are shown below:
The link in the message is displayed in the format http://xxx.xxx.xxx.xxx, where xxx is a number, which is unusual for this type of mailing. "We presume the peak in Valentine's Day spam is still to come," says Andrei Nikishin, director for IT security outsourcing at Kaspersky Lab. "According to our information, the leading sources of spam in 2007 were the USA at 11.2%, Russia - 10.8%, Poland - 6.6%, Germany - 5.8% and, in South-East Asia, South Korea and China at 6.2% and 4.5% respectively. The fact that spam is sent, for the most part, by zombie computers, means its quantity depends on the level of Internet penetration and the number of PCs. In Russia, spam stems, primarily, from cities with over 1 million inhabitants, where there are large numbers of PCs and access to the Internet is freely available."