Melissa Virus Definition

The Melissa virus was a macro virus released in late March 1999. It spread through Microsoft Word documents and used Microsoft Outlook to email itself to new victims. The virus didn’t steal money or corrupt data, but it overloaded company networks and email servers as it spread.

The virus is no longer a significant threat today because it can’t spread on modern systems. Even if it could infect a device, most antivirus programs can easily detect and quarantine it.

How the Melissa Virus Worked

The virus spread through infected Word documents that contained a malicious macro (an automated script embedded inside the file). Its creator uploaded an infected document called “list.doc” to an adult-themed online forum, claiming it included free passwords for paid websites.

When someone opened the Word file, the macro ran automatically and infected the system. The virus then used Outlook to email the same infected document to the first 50 contacts in the victim’s address book alongside lure messages, like: “Here is the document you requested ... don’t show anyone else ;-).”

The Impact of the Melissa Virus

While the Melissa virus didn’t delete or corrupt files, it still caused significant disruption. The mass-mailing behavior overwhelmed internal networks and email servers at over 300 companies, including Microsoft. The virus even reached government agencies, such as the United States Marine Corps. Damages were estimated at around $80 million due to downtime and recovery efforts.

The Person Behind the Melissa Virus

The virus was posted online under the pseudonym “Kwyjibo,” but authorities traced the electronic signature to US programmer David Lee Smith. He was arrested in April 1999 and pleaded guilty later that year. In May 2002, Smith was sentenced to 20 months in federal prison and a $5,000 fine.

Read More

• What Is a Computer Virus?
• What Is Malicious Code?
• What Is an Antivirus?

FAQ