Be alert as you read your mail today: fake ecards with loaded exe’s are once again making the rounds…
Oooh, look at the mail that’s piling up:
“You’ve received a greeting ecard”
How exciting. Not.
Today, several mails on my email accounts at home reportedly from greetingcard.org (which Outlook displayed as from firstname.lastname@example.org).
You have received an eCard
To pick up your eCard, choose from any of the following options:
Click on the following link (or copy & paste it into your web browser):
Your card will be aviailable for pick-up beginning for the next 30 days.
Please be sure to view your eCard before the days are up!
We hope you enjoy you eCard.
Nope, not gonna do it.
First of all, I’m sure that legitimate ecard companies are better at spelling (‘aviailable’ as you know is spelled available).
Last year, In his post on Not-So-Friendly Greeting Cards, Brian Krebs of the Washington Post calls out the rise of fake online greeting cards that can install keystroke loggers on to your computer, rather than delivering what you thought to be an innocent e-card from a long lost aunt.
Here’s a couple of things to watch for:
- If a link drives you to an exe file (an executable or application) then think twice.
- If the link isn’t from someone you know, think again.
- If it looks like the mail comes from and directs you to a legitimate ecard site — such as American Greetings.com — be sure that it’s really http://www.americangreetings.com/ by hovering over the URL and verifying the link (see the lower left corner of your browser windows)
- And when in doubt, copy and paste the URL directly into your browser.
For more about what to do when you see these types of emails, see my post on More greeting ecard spam and what to do about it. And see my past note on how there’s no immunity from security vulnerabilities.
(Also, here’s the link if the embedded links above don’t work: http://blog.washingtonpost.com/securityfix/2007/07/notsofriendly_greeting_cards_1.html). You can copy the link as text and paste it into your browser to ensure that I haven’t duped you with a loaded exe. 😉
- Visit http://www.staysafeonline.info.
- To find out more about spyware – what it is, ways your computer can become infected, and what you can do to prevent it – watch this video on protecting your computer.
- If you’re wondering how Windows Defender compares with other Microsoft antispyware and antivirus technologies, check out this product comparison chart.
- Windows Live Safety Center – A Web service designed to help ensure the health of your computer with free scanning tools that help you get rid of unwanted software.
- Malicious Software Removal Tool – A security tool that checks your computer for specific viruses and other malicious software and helps remove any infection found. This tool alone has run more than 2 billion executions.
- Sign up for our security newsletter and receive monthly advice
- Get more online safety tips