Related Resources • Klez Help Center • Friendly Greetings • Virus Encyclopedia • Glossary of terms

From Other Guides • Halloween History

Elsewhere on the Web • Halloween Virus Hoax • Halloween Card hoax • Halloween Virus

If you receive an email urging you to "Have a nice Allhallowmas!", or wishing you "Happy Allhallowmas", or even just "Allhallowmas", the attached file is very likely all trick and no treat. Certain variants of the Klez worm automatically adapt their message seasonally, changing the worm's message to include holiday specific greetings for Halloween, Christmas and New Year's as well as Valentine's Day and April Fools' Day, among others. The Klez virus exploits a vulnerability in Microsoft products that can cause the attachment to execute on unpatched systems. The Klez Help Center provides further details about the worm, including information on obtaining the necessary patch.

Klez is not the only malware taking advantage of the Halloween holiday. In 1991, a virus dubbed Halloween, a.k.a. HappyHalloween, was discovered infecting .COM and .EXE files. The virus activated on October 31st, at which time it created a 10,000 byte file in the current directory from which the infected file was executed. Users would then be presented with an error message:

"Runtime error 150 at 0000:0AC8"

The affects of the virus reportedly resulted in extremely slow load times. The Halloween virus is not currently in the wild and thus poses no threat to users.

Keeping true to Halloween trickery, there are also hoaxes that attempt to take advantage of the mischievous holiday. Both a Halloween virus hoax and a Halloween Greeting Card hoax have circulated in years past, each presenting dire but false warnings of viral disaster. Of course, the best example of miscreant behavior comes not in the form of a Halloween hoax, but in the form of "Friendly Greetings". Neither a virus nor a hoax, the greeting card asks users to agree to allow it to be mass-mailed to everyone in their address book and to allow automatically updating advertising spyware to be installed to their system. The spooky thing is, many users happily click Yes to every prompt, not bothering to read the dialog, thus acting as a manual component to what characteristically becomes very much like an email worm.