The Bagle-A worm arrives as an email message which talks about a test and has an attachment - a program file with a random name. This file which can pretend to be the Windows calculator, opens a security hole in the infected user's computer which can be exploited by hackers.
"As users come back to work after the weekend they are at risk of finding the malicious Bagle worm in their email inbox," said Graham Cluley, senior technology consultant for Sophos. "The worm pretends to be a "techie looking" test email to fool people into running the dangerous attachment - not knowing they are potentially giving hackers the power to run destructive code on their computer."
"Computer users should be wary of any programs delivered by email even if they seem to come from a known contact. If you email programs around, you should get out of this habit now, as it encourages bad security practice," continued Cluley.
Sophos has published further information and protection against this worm: http://www.sophos.com/virusinfo/analyses/w32baglea.html
Sophos recommends the use of email gateway software, which can block all programs, whether infected or not, in order to enforce safe computing practices.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.