Update: Cupid stunt sends not-so-funny Valentine

A suspicious Valentine's Day email being sent to computer users is nothing more than a primitive email harvester.

The email, from cupid@valentines-ecard.com, claims that the recipient has received an e-card and invites users to click on a link.

The site then asks users to download an 800Kb file that will need Flash to be viewed.

Antivirus firms have already discovered that the software changes the browser's default search engine and drops an .EXE file into Windows.

This displays a primitive card with the message:

Hey cutie!
Just wanted to say happy valentines day and i miss chatting to you! Where are you been? Oh you probably don't know who this is? Well lets keep that a secret for now. Have a great vals day!
Lotsa Love, Your secret admirer!

Presumably an email to find out the sender's identity will be stored and passed on to spam mailers.

A check on the basic www.valentines-ecard.com URL reveals that the page has exceeded its monthly bandwidth limit.

This raises the possibility that either a company has dramatically underestimated demand, or that the site was set up as a one-off with no commercial intent.

Research by Sophos is also troubling. It has received many copies of the email and noted that all of them direct the user to exactly the same email address.

The domain is registered in New York but the name server addresses are based in Australia (registrations.com.au).

"We're classing this as an unwanted application," said Jack Clark, antivirus specialist at Network Associates.

"It looks like we have the first of the Valentine's Day attacks. I wouldn't touch this with a barge pole."

Gunther Ollmann, manager of Xforce security systems services, said: "I'd be very suspicious of a file that big.

"It could be a legitimate card, contain mass mailing or advertising software or even just be a way of harvesting valid email addresses.

"A lot of e-card companies make their money by gathering valid email addresses from users and selling them to marketers."