By: Elana Spivack

'ILOVEYOU': How the Infamous Computer Worm Wreaked Havoc

In May 2000, the 'ILOVEYOU' computer worm infected over 45 million computers in 24 hours—and revealed that we may have trusted email a little too much.

Heart icon

Getty Images

Published: May 08, 2025

Last Updated: May 08, 2025

On May 4, 2000, José Dominguez received an email with the subject “ILOVEYOU.” The message read, “kindly check the attached LOVELETTER coming from me,” and contained an attached file titled LOVE-LETTER-FOR-YOU.TXT. 

But Dominguez, then a network architect running the University of Oregon’s security group, noticed something unusual: This email had arrived at 3:17 a.m. from one of the university’s vendors.

How the ILOVEYOU Worm Spread

Dominguez was far from the only person to receive this email. The vendor who had emailed him was not a lovesick insomniac proclaiming deep affection for everyone online, but rather someone who had fallen prey to the very same message. This email delivered not a love letter, but a worm that, when activated by opening the attached file, would delete the recipient’s files, self-replicate and send itself to every email contact.

The ILOVEYOU computer worm, also known as the Love Bug and Loveletter, reached over 45 million computers in 24 hours and ultimately infected 10 percent of computers connected to the internet, causing billions of dollars in damage. A quarter-century later, users and technology are smarter—but scammers are getting smarter, too.

It reached and infected computers within the British Parliament, the U.S. Congress and the U.S. Air Force, according to one analysis by Matt Bishop, a computer science professor at the University of California, Davis.

The Birth of the Internet

On October 29, 1969, Stanford programmer Bill Duvall sent a one-word message to student programmer Charley Kline who was 350 miles away at UCLA. This one-word message - "login" - was sent between two computers, each the size of large room. This message marked the first inter-computer communication, which many consider to be the birth of the internet.

Worm Exploits Key Vulnerability in Windows

Now chief information security officer at the University of Oregon, Dominguez says he fortunately didn’t fall victim to the Loveletter because he was using a Linux system instead of Windows, which the worm exploited. “At the time, this was one of those [worms] that was very Windows-targeted,” Dominguez says, “taking advantage of a lot of the integration that Windows has in all of their products, but also some of the vulnerabilities that integration brings.” 

One Windows vulnerability the worm exploited was how the system displayed file types in email attachments. Though the email’s attached file included .txt in its title, indicating that it was a text file, this was an intentional misdirect. The attachment was actually a .vbs file, which stands for Visual Basic Script. A .vbs file contains code that, through Windows or Internet Explorer, can perform processing functions. 

In this case, those processing functions entailed corrupting existing computer files, self-replicating and propagating, or sending itself to the user’s entire email contact list. However, Loveletter recipients were unable to see the .vbs file type because, at the time, Windows systems didn’t display file extensions.

Student in Philippines Unleashed the Worm

Loveletter’s creator was Onel de Guzman, then a 24-year-old student at AMA Computer College in the Philippines. In 2020, de Guzman said he deployed the computer worm to access the internet for free by stealing passwords, not anticipating the worldwide damage it would cause. This worm came in the wake of a similar attack called Melissa in March 1999, which enticed users to open an attachment that was supposedly risqué content but actually unleashed a virus that propagated to the first 50 contacts in the user’s email address book.

However, ILOVEYOU was remarkable because of its scale. “It was different because through this phishing email, it was able to reach millions of computers, causing damage worldwide,” says Hanan Hibshi, an assistant teaching professor at the Information Networking Institute at Carnegie Mellon University. Phishing is a defrauding practice in which someone tries to extract information from someone else by deceiving them with a misleading email.

Lessons from the ILOVEYOU Fiasco

More than two decades later, “email continues to be the main method of transport for malicious content,” Dominguez says. Through phishing or malware, email provides ripe grounds for scamming. Dominguez and Hibshi both say this vulnerability arises from how much users trust email.

“It's a matter of the trust that we have put on email as a platform,” Dominguez says.

People who used computers and email at the time “trusted that the system is reliable,” Hibshi says. But ILOVEYOU “was a lesson to everyone that we shouldn't trust things on the internet … and I think that was a lesson that we learned hands-on.”

Back on that spring day in 2000, Dominguez and his team had to warn the University of Oregon about the email. Today, there are safeguards against phishing scams, so individuals are less vulnerable. Spam filters remove suspicious emails from our inboxes, using tools like pattern matching to identify potentially harmful messages. 

With pattern matching, spam filters can detect common phrases and characteristics in phishing emails, automatically marking them as rubbish. It could also flag emails with large attachments or compressed files that conceal their contents. We use our human intelligence for pattern matching, too, perhaps clocking strange sequences of numbers and letters in a message that purports to be from our streaming platform or bank. 

Some scammers devise ways to circumvent these filters in evasion attacks. “With advances in machine learning, these spam filters are even getting smarter,” Hibshi says, “but also the evasion attacks are getting smarter.”

Bishop, the professor from UC Davis, recommends hovering your cursor over the link an email directs you to, which will reveal the URL destination. Make sure you recognize the entire address, and note whether the domain ends in unfamiliar letters, which could signal the website domain could be coming from a foreign country.

Despite best efforts, attacks like ILOVEYOU aren’t a thing of the past. While there are more obstacles to spreading worms and viruses, these blitzes are still out there. “All I need is for one user to make the wrong decision,” Hibshi says. “I only need, of all those millions, one person to just click on that attachment.”

Related Articles

Watercolour portrait by Alfred Edward Chalon of Ada King wearing evening dress with a mantilla and holding a fan. Augusta Ada King, Countess of Lovelace (1815-1852) was the daughter of the great Romantic poet Lord Byron (1788-1824). She was a writer and a trained mathematician. King acquired fame by working with Charles Babbage (1791-1871) on the world's first computer, the �Analytical Engine�, which could carry out many different types of calculations. She designed several computer programmes for the engine which were coded onto cards with holes punched in them - thus becoming the world's first computer programmer.

The pioneering woman is often cited as the world’s first computer programmer.

A close-up view of a hook-and-loop fastener.

After inspecting burrs that had stuck to his dog’s fur, a Swiss engineer got an idea.

A microwave oven, released in 1978 by Amana Refrigeration Inc.

While standing near a magnetron in an aerospace research facility, an engineer noticed that a chocolate bar in his pocket melted—and he got an idea.

The Earth's atmosphere, as seen from space.

International cooperation, initiated in the late 1980s, helped heal Earth’s damaged ozone layer and steer it toward recovery.

About the author

Elana Spivack

Elana Spivack is a journalist with bylines in Scientific American, Slate, Popular Science and more. She lives in New York City with her tuxedo cat.

Fact Check

We strive for accuracy and fairness. But if you see something that doesn't look right, click here to contact us! HISTORY reviews and updates its content regularly to ensure it is complete and accurate.

Citation Information

Article title
'ILOVEYOU': How the Infamous Computer Worm Wreaked Havoc
Website Name
History
Date Accessed
May 08, 2025
Publisher
A&E Television Networks
Last Updated
May 08, 2025
Original Published Date
May 08, 2025

History Revealed

Sign up for "Inside History"

Get fascinating history stories twice a week that connect the past with today’s world, plus an in-depth exploration every Friday.

By submitting your information, you agree to receive emails from HISTORY and A+E Global Media. You can opt out at any time. You must be 16 years or older and a resident of the United States.

King Tut's gold mask