A rash of virus-laden spam has been going around posing as Hallmark ecards or other ecards.
“You’ve received a greeting ecard from a friend” says the subject. Variations include “You’ve received a greeting card from a partner”, “You’ve received a greeting postcard from a class-mate”, and “You’ve received a greeting ecard from a class mate”.
The “ecards” appears to come from such legitimate sounding addresses as hallmark.com, MyPostcards.com, postcards.org, e-cards.com, NetFunCards.com, FunnyPostcards.com, Greeting-Cards.com, and VintagePostcards.com.
Whatever the variation, it’s not only spam, it’s almost certainly carrying a virus or a trojan which will turn your computer into a spam- and virus-sending robot.
So don’t open it!
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
If you were to open the email, what you would see would look very much like this:
“Hi. Friend has sent you a postcard.
See your card as often as you wish during the next 15 days.
SEEING YOUR CARD
If your email software creates links to Web pages, click on your card’s direct www address below while you are connected to the Internet:
[URL deleted]
Or copy and paste it into your browser’s “Location” box (where Internet addresses go).
We hope you enjoy your awesome card.
Wishing you the best,
Administrator,
hallmark.com”
See that link up there? If you were to click on the link below “SEEING YOUR CARD”, it would take you to a location where a virus would be downloaded on to your computer. Oh, you might also see a card, so that you wouldn’t suspect what was going on, but within a few days, usually, your computer would be under the control of someone miles away, who would be spewing spam out through your computer. And you would never know until suddenly one day nobody would accept email from your computer any more, because all of the ISPs and spam filters had started blocking it because of all the spam it was sending.
Of course, if we are advising people not to open ecards, we must also advise well-meaning people that they shouldn’t bother sending ecards. And we do. Right here.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
Notice that the bogus e-mails won’t have your name or the sender’s name (most of the valid ones include the sender’s name and e-mail address which is usually recognizable). Also, some of the bogus links look genuine to the viewer, but, in fact, are completely bogus. How can you tell? For most users, just move your mouse over the link WITHOUT CLICKING ON IT, then look at the bottom of your browser window, and you should see the bogus link (i.e., instead of saying something like “Hallmark.com”, it’ll show something completely different). If you don’t recognize the link appearing in either the e-mail or at the bottom of the window, don’t click on it! Unfortunately, some legit ones look bogus, but, there’s a “fix” for that, too! After you’ve deleted the seemingly bogus card, your friend will probably send you an e-mail asking whether you got it. When you say, “Oh, no, I thought it was a spam and deleted it!”, they can just re-send the card using the link they were given as a verification from the legit e-mail website; if they lost *that*, then everyone’s hosed, but, hey, the sender can always re-send it! (FWIW, I’m a computer programmer with over 30 years of experience including a sideline business of fixing home and business computers)
Yeah, I am receiving such mails from a couple of days. I did try to see the site only. But in the middle i realized its a spasm. So I simply stopped my browser and started anti virus scan. Scanning indicated a virus and deleted the file. So I think I am safe :)
la la la la
First, people using Linux or Macs probably don’t have to worry. And those Windows users who keep their systems patched with the latest security updates are probably doing okay too.
Remember that the only way that clicking a link can give you a virus is when your web browser has a security hole the attacking web site can exploit to install and execute code on your system.
More important is to tell people that URLs using an IP address instead of a domain name (i.e. 58.9.174.164 instead of whatever.com) should NEVER be clicked unless you know for a fact precisely where that numerical address leads.