The e-mail messages Sally Watkins received were from her clients in
Italy. But there was something very different about them.
“They didn’t make sense,” said Watkins, a Certified Travel
Consultant with Century Travel in Austin, Texas. “They were two or
three lines referring to things that had nothing to do with me.
There were replies to letters that I didn’t even send them.”
After she opened one of the messages, her computer started
acting funny. It would send emails at random and her anti-virus
protection software began to flicker before the icon disappeared
altogether.
Watkins was one of thousands who had been infected by a
malicious computer worm called Bugbear B that has been disrupting
computers around the world over the past few weeks.
The worm is a new variation of the Bugbear worm that infected
computers last October, and which security experts believe was
originally designed to steal passwords from banks. But it has
spread to thousands of consumer computers.
The worm infected more than 50,000 computers within the week it
was first reported, according to statistics from Trend Micro, a
company that tracks computer infections and makes anti-virus
protection software.
The Bugbear worm uses addresses in a computer’s e-mail program
to send messages using the infected user’s identity.
Watkins received the virus from a network of business associates
in Italy; many of who had each other’s e-mail addresses, which
explains why Watkins got infected e-mails from different
sources.
Though other worms are similar to Bugbear B, it is less
conspicuous in that the subject line of the message seems ordinary,
so people can be caught off-guard if they are not careful.
The code also is not imbedded in an attachment like most other
computer worms, so the e-mail only needs to be opened in Microsoft
Outlook or Outlook Express to activate the program.
The body of the e-mail can be empty or with text taken from
random files or messages found in the infected computer.
“It’s very craftily done,” Watkins said.
Bugbear B has, so far, caused far less damage than other codes,
which are designed to completely destroy data and disable computer
systems.
The worm was created to get passwords and other private
information from global financial institutions listed in the
blueprint of the program.
Experts say that the worm has the ability to disable anti-virus
protection software and penetrate a system. It then determines if
the computer’s user has an e-mail address for one of the banks, and
if so, tries to glean passwords and private information off the
computer. It takes over the computer modem and sends data through
the Internet.
Bugbear B is still just the latest in a line of malicious
computer worms and viruses that are growing increasingly
sophisticated.
A similar worm called Lovegate F has wreaked more damage,
affecting nearly 2 million computers in the last month alone,
according to Trend Micro’s tracking. Another worm, the SQL Slammer,
hit last January, targeting specific servers and affecting
scheduling and ticketing of some airlines.
When it comes to malicious programs that affect desktop computer
users, PC computers are far more vulnerable than Apple computers.
Far more small businesses, including travel agencies, use PC
computers than Apple.
Pat Funk, the Association of Retail Travel Agents’ (ARTA) vice
president of operations, said she had received a number of
responses from members who had been infected by Bugbear B, some who
had received hundreds of infected e-mails. Funk, who sends a daily
electronic newsletter to members, believes many agents don’t do
enough to protect their systems from intrusion.
“Agents just don’t seem to be careful enough when it comes to
viruses,” she said. “Agents are not careful with opening
attachments. You have to be aware and look at the extension. If the
extension is not something that I’m familiar with, I don’t open
it.”
David Perry, global director of education at Trend Micro, said
users can take steps to protect their personal computers against
infection.
“Get and use anti-virus protection and get and use a personal
firewall,” he said, noting that both are often packaged
together.
Perry also suggested going to any anti-virus Web site and
signing up for e-mail alerts that notify computer users of any new
viruses that might be affecting systems.
Automated alerts can come with a computer’s software, and often
include upgrades to protect against new viruses.
“Getting the notification gives people trustworthy information
in an area where there is a lot of untrustworthy information,”
Perry said.
