Who Loves You

Who Loves You - The Greeting Card Scam

While security vendor Sophos reports that on Independence Day (July 4) a new malware attack struck via e−mail greetings in the form of a mass e-mail campaign, millions of fake greeting-card e-mails flooded the internet starting in mid-June.

Experts at Sophos have warned that the July 4 e-mail is a widespread e−mail spam campaign that poses as a 4th July greeting card. Instead of a greeting card, unsuspecting end users really are the victims of an attempt to lure innocent computer users into being infected by a Trojan horse and subsequent attacks by hackers. The e−mails, which are being seen in inboxes worldwide, claim that the recipient has been sent an e-card greeting by a friend and tells the user to click on a link to view the card. Clicking on the link contained inside the e−mail, which is in the form of a numeric IP address, takes surfers to a compromised zombie computer hosting the Troj/JSEcard−A Trojan horse. The Trojan horse then tries to download additional code from the Internet which Sophos intercepts as Mal/Dorf−C.

Earlier in June emails were received that purported to be from American Greetings and other major greeting card companies. However, these cards were also attempts to either infect users or to steal credit card data. Greeting card company American Greetings sent the following inquiry in response to a spam mail forwarded by Knobology for investigation:

"Thank you for contacting AmericanGreetings.com Customer Support.

Based on the information you provided, we have determined that this is not one of our eCards, although the pick up site may mimic ours.

Please forward the original email message or eCard you received to security@americangreetings.com. Please be advised that you will not receive a response from security.

Our technical staff will look into the situation. We strongly advise against downloading anything from this unknown sender. We also recommend you run a virus scan on your computer.

Please note: AmericanGreetings.com will NEVER request an email address or password for eCard pick up!

If you have any further questions or concerns, please reply to this email and include the specific details so that we can offer further assistance.

Thank you,
Joshua M
Your Customer Support Representative
AmericanGreetings.com"

Before opening a greeting card email, or any other email, ask yourself the following:

1. Does it make sense that I am receiving this card / this email at this time?
2. Do I know this person?
3. Does the requested information make sense for the purposes stated?
4. Would I give the information requested out to a perfect stranger at the door?

Source: http://www.sophos.com/pressoffice/news/articles/2007/07/july4.html