Be alert as you read your mail today: fake ecards with loaded exe's are once again making the rounds...

Oooh, look at the mail that's piling up:

"You've received a greeting ecard"

How exciting. Not.

Today, several mails on my email accounts at home reportedly from greetingcard.org (which Outlook displayed as from alien@got.net).

Good day.
You have received an eCard

To pick up your eCard, choose from any of the following options:
Click on the following link (or copy & paste it into your web browser):

http://somerandomurl.com/e-card.exe

Your card will be aviailable for pick-up beginning for the next 30 days.
Please be sure to view your eCard before the days are up!

We hope you enjoy you eCard.

Thank You!

http://www.greetingcard.org

Nope, not gonna do it.

First of all, I'm sure that legitimate ecard companies are better at spelling ('aviailable' as you know is spelled available).

Last year, In his post on Not-So-Friendly Greeting Cards, Brian Krebs of the Washington Post calls out the rise of fake online greeting cards that can install keystroke loggers on to your computer, rather than delivering what you thought to be an innocent e-card from a long lost aunt.

Here's a couple of things to watch for:

  • If a link drives you to an exe file (an executable or application) then think twice. 
  • If the link isn't from someone you know, think again. 
  • you've been had!If it looks like the mail comes from and directs you to a legitimate ecard site -- such as American Greetings.com -- be sure that it's really http://www.americangreetings.com/ by hovering over the URL and verifying the link (see the lower left corner of your browser windows)
  • And when in doubt, copy and paste the URL directly into your browser.

For more about what to do when you see these types of emails, see my post on More greeting ecard spam and what to do about it.  And see my past note on how there's no immunity from security vulnerabilities.

(Also, here's the link if the embedded links above don't work: http://blog.washingtonpost.com/securityfix/2007/07/notsofriendly_greeting_cards_1.html).  You can copy the link as text and paste it into your browser to ensure that I haven't duped you with a loaded exe. ;)

More info:

Tags: Microsoft, security, antivirus, antispyware, Windows Defender.

Bookmark and Share 

http://tinyurl.com/55hjma