Virus Disguised As PayPal Message Spreading

Disguised as a message from PayPal, a new computer virus said to be a variant of the Mimail virus and able to steal your credit information right from your computer has begun whipping around cyberspace among home computer users.

CNET said late November 14 that the new bug is attached to an e-mail forged to resemble messages from the online pay service eBay bought out in 2002. If the program is run, it will ask the computer for credit information that it sends to the attacker.

"It is a new trend among virus authors to get deeper into criminal acts and attempt to generate revenue," said Network Associates virus researcher Craig Schmugar to CNET. The virus comes as an attachment marked "www.paypal.com.scr" with an e-mail portraying itself as from PayPal, speaking of "information regarding your PayPal account.

"This account, which is associated with the email address will be expiring within five business days," the message continues. "We apologize for any inconvenience that this may cause, but this is occurring because all of our customers are required to update their account settings with their personal information. We are taking these actions because we are implementing a new security policy on our website to insure everyone's absolute privacy."

But if you open the attachment, you get a window showing the PayPal logo and asking for credit information, and it stores any information you give in a file inside the program and sends it to four e-mail addresses the program stores, CNET said.

The bug also hunts through any Internet browser files cached on your computer to grab e-mail addresses from sources found there, sending itself as an attachment to the original message to every one of those found addresses, CNET added.

Antivirus companies are now working to block access to the e-mail boxes and urge computer users to update virus definitions.