Discovered in the United States in March 1999, the Melissa virus is a computer virus that spread by exploiting the macro function of Microsoft Word. The virus spread explosively by infecting users through a macro embedded in a Word file and automatically sending an e-mail containing the same virus to the top 50 people in their Outlook address book when they opened the file. The subject line of the e-mail used the highly credible phrase "Important Message From ," and the attached file was given the seemingly businesslike name "LIST.DOC," which often led recipients to open the file without caution, contributing to the rapid spread of the infection. This was a factor in the rapid spread of the infection.

Discovered in the United States in March 1999, the Melissa virus is a computer virus that spread by exploiting the macro function of Microsoft Word. The virus spread explosively by infecting users through a macro embedded in a Word file and automatically sending an e-mail containing the same virus to the top 50 people in their Outlook address book when they opened the file. The subject line of the e-mail used the highly credible phrase "Important Message From <user name>," and the attached file was given the seemingly businesslike name "LIST.DOC," which often led recipients to open the file without caution, contributing to the rapid spread of the infection. This was a factor in the rapid spread of the infection.

Although the virus did not directly destroy infected computers, it caused network failures by overloading corporate and organizational mail servers through mass mailings. In particular, large corporations and telecommunications carriers experienced temporary outages of their e-mail services, resulting in social disruption. The author, David L. Smith, was arrested and convicted in the U.S., and the case attracted attention as the first case in which a virus on the Internet caused damage for which serious legal liability was claimed.

In Japan, the Melissa virus landed only a few days after its discovery, and major corporations, government offices, and universities reported a string of infections. Many organizations were forced to take emergency measures such as prohibiting the receipt of email attachments and temporarily shutting down their internal networks. In particular, telecommunications carriers and educational institutions experienced server overloads and network outages in some areas, causing serious disruptions to business operations. The incident was widely reported in the newspapers and on television at the time, and the public attention it garnered led to a significant increase in awareness of security measures among IT departments in Japan.

Historically, the Melissa virus occupies an epoch-making position in the history of computer virus development. While earlier viruses spread mainly through physical media such as floppy disks, Melissa was the first to exploit the "information distribution channel" by utilizing the Internet and e-mail as a new means of propagation. The concept of "social engineering," the artful disguising of email messages to gain trust, also became generally known at this point.

After Melissa's introduction, Microsoft revised the macro execution settings in Word and Outlook, making changes to the software's basic specifications so that macros would not be executed unless they were manually enabled by the user. Anti-virus software companies also began to develop real-time updates and automatic scanning functions, gradually establishing a system to control the spread of infection.

In Japan, this incident served as an opportunity for the entire society to recognize that "security is not an additional function of IT, but the foundation itself. In particular, the Ministry of Education, Culture, Sports, Science and Technology (MEXT) and the Ministry of Internal Affairs and Communications (MIC) began to emphasize the importance of information morality and Internet literacy education, and security education was introduced into primary and secondary education. Many companies reviewed their e-mail monitoring systems and restructured their internal network security policies, marking the beginning of the institutional and technological development of Japan's IT society in terms of "anti-virus" measures for the first time.

In this way, the Melissa virus had a social and institutional impact beyond its direct damage. Its historical significance is not just as a type of virus, but as an important turning point that marked the starting point of security awareness in the Internet society. The fact that it continues to be cited in many information security technical books and educational materials today is a testament to its impact.