The worm originated in the Pandacan neighborhood of Manila in the Philippines on May 5, 2000, thereafter following daybreak westward across the world, moving first to Hong Kong, then to Europe, and finally the United States, as employees began their workday that Friday morning. The outbreak was later estimated to have caused US $5.5-8.7 billion in damages worldwide, and estimated to cost the US $15 billion to remove the worm. Within ten days, over fifty million infections had been reported, and it is estimated that 10% of internet-connected computers in the world had been affected.^[6] Damage cited was mostly the time and effort spent getting rid of the infection and recovering files from backups. To protect themselves, The Pentagon, CIA, the British Parliament and most large corporations decided to completely shut down their mail systems.This virus affected over 45 million computers and was one of the world's most dangerous computer related disasters.

The ILOVEYOU script (the attachment) was written in Microsoft Visual Basic Scripting (VBS) which run in Microsoft Outlookand was enabled by default. The script added Windows Registry data for automatic startup on system boot.

The worm then searched connected drives and replaced files with extensions JPG, JPEG, VBS, VBE, JS, JSE, CSS, WSH,SCT, DOC, HTA, MP2, and MP3 with copies of itself, while appending the additional file extension VBS,making the user's computer unbootable. However, the MP3 and sound related files are hidden and not overwritten.

The worm propagated itself by sending out one copy of the payload to each entry in the Microsoft Outlook address book (Windows Address Book). It also downloaded the Barok trojan renamed for the occasion as "WIN-BUGSFIX.EXE". The fact that the virus was written in VBS provided users a way to modify the virus. A user could easily modify the virus to replace important files in the system, and destroy it. This allowed many variations of ILOVEYOU to spread across the internet, each one doing different kinds of damage.