Security companies are currently examining a suspicious Valentine's Day email being sent to computer users.
The site then asks users to download an 800Kb file that will need Flash to be viewed.

Antivirus firms have already discovered that the software changes the browser's default search engine and drops an unidentified DLL into Windows.

A check on the basic www.valentines-ecard.com URL reveals that the page has exceeded its monthly bandwidth limit.


This raises the possibility that either a company has dramatically underestimated demand, or that the site was set up as a one-off with no commercial intent.

Research by Sophos is also troubling. It has received many copies of the email and noted that all of them direct the user to exactly the same email address.

The domain is registered in New York but the name server addresses are based in Australia (registrations.com.au).

"We're classing this as an unwanted application," said Jack Clark, antivirus specialist at Network Associates.

"It looks like we have the first of the Valentine's Day attacks. I wouldn't touch this with a barge pole."

The company has had many copies of the email sent in for checking from its clients and is conducting further tests.

Gunther Ollmann, manager of Xforce security systems services, said: "I'd be very suspicious of a file that big.

"It could be a legitimate card, contain mass mailing or advertising software or even just be a way of harvesting valid email addresses.

"A lot of e-card companies make their money by gathering valid email addresses from users and selling them to marketers."

Many copies of the email have been sent in for analysis and more information will be available by the end of the day.