Happy Valentine's Day! Here's a repeat of my recent post about Storm Worm holiday-related attacks, this time with a romantic come-on. Be cautious opening what might appear to be a card from your beloved today....

The Storm Worm trojan horse is being rolled out to unsuspecting email readers as a Valentine's Day come-on. Storm Worm, known by several different names depending on your antivirus software provider, adds malicious code to your PC in order to open it up to further downloads intended to allow criminal hackers to access your computer and use it to send spam. The process to get Storm Worm onto your PC and begin its new life as a zombie, or spambot, is based on social engineering principles, where the PC user willingly visits an infected web site because of an interesting spam message. Variations in the past year, when Storm Worm was first identified, have included news about the supposed death of Fidel Castro, promises about pornographic photos or video, and the come-on that gave the malware its popular name, "230 dead as storm batters Europe."

The current attempts to lure PC users to visit the infected sites features variations on romantic propositions, such as "Falling in love with you" and "A Toast To You." Users who click on the address included in the spam email are directed to one of several websites that display a heart and another romantic message, while the malware is downloaded behind the scenes.

These types of attacks on personal computers are very common. Security company Sophos reported this week that one out of every 12 emails monitored by the company were of this variant of Storm Worm.

What should you do? The New Tech Heroes recommend that every PC user follow these suggestions, without exception:

• Install up-to-date virus protection, and make sure the virus definition files are updated frequently (at least daily if your PC is connected to the Internet all the time over a broadband connection).
• Install a personal firewall solution. Your cable or DSL modem and wireless router (if you use one) may also have hardware firewalls, but they generally don't inform you of attempts to access your computer from outside and are not easily configurable. At a minimum, make sure Windows built-in firewall is on.
• Don't open email from unknown senders. Be suspicious of email that friends or family forward along to you. Use common sense with all other email, even if it appears to be from someone you know.
• Don't click links in email unless you're absolutely sure you know where it's taking you and it's from a trusted source. Never click one that is shown as an IP address (in the format of ###.###.###.### instead of a domain name).
• Consider setting your browser security to a higher level, or using a browser that has stronger protection against scripting code that can compromise your PC if malicious. (Firefox with NoScript comes to mind.)

Today's statistics from MessageLabs show spam making up over 50 percent of all incoming email, though the rate peaked over last weekend nearer to 70 percent. Even more of a concern is the increase in malicious spam, those unwanted messages that have content or attachments that contain various forms of malware, like viruses, trojan horses, or attempts to obtain personal information through phishing. The virus rate has averaged 0.7 percent for the last week, with phishing attempts running at about 0.4 percent.