The Melissa virus is a mass-mailing macro virus, first distributed by David L. Smith of Aberdeen Township, New Jersey. The virus has caught massive media attention, and like the Michelangelo virus. The virus, despite doing minimal damage, had caused hundreds of millions of dollars in damage in East Asia.
As a mass-mailing macro virus, Melissa main method of traveling from one computer to another was by email. When the virus arrives, the virus takes form of an ordinary email with the subject line "Important Message From ". The email contains a message that says "Here is that document you asked for ... don''t show anyone else ;-)", and an attachment named list.doc that contains a list of 80 pornographic websites.
When the unsuspecting use opened the infected document file, Melissa checks whether Microsoft Office in the computer has had Melissa or not. If not, the virus sets the value and began its work in sending the virus mail to fifty addresses in the user's Address Book. After that, Melissa infects templates which are used by default in all Word documents, giving it extra ability to infect and send other documents beside adult related websites. This is turn, opens a new way for sensitive information from the user to be leaked.
Melissa also has another payload that triggers itself once an hour and chooses the minute of the payload's delivery by the day. When the infected document is opened or closed at that minute, Melissa will insert:
Twenty-two points, plus triple-word-score,
plus fifty points for using all my letters.
Game's over. I'm outta here.
On December 10, 1999 Smith pleaded guilty and was sentenced to 10 years, serving 20 months, and was fined US $5,000.