Trojan Postcard Targets Windows Users

The Internet Patrol - Patrolling the Internet for You

A spam postcard posing as a friendly postcard which is really a Trojan postcard. (Shades of Sir Winston!) Security firm Sophos is warning of a “spam postcard”, which appears to come from someone you know (as does so much spam these days), but which is really a Trojan laden with viruses and other yucky stuff designed to steal your personal information and allow the perpetrator access to your computer.

When the unsuspecting recipient clicks on the link in the email in order to claim and view their “postcard”, instead the Clsldr-D Trojan horse is installed on their Windows computer, along with several types of malicious code designed to exploit known Windows vulnerabilities. This code includes Troj/Divo-A, Troj/Delf-KP, Troj/Lofler-A, Troj/Siggy-A, Troj/Webdrop-A, and Troj/Small-EM.


Said Sophos’ Graham Cluely, “Because this email doesn’t arrive with an attached file, some may believe it is harmless. But just visiting the web link on an unprotected computer puts it at risk of infection.”

If you receive an unexpected postcard and you really just can’t bear to delete it without checking first, don’t click on the link, but manually type in the purported address of the alleged postcard company, and see what you can see.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

2 thoughts on “Trojan Postcard Targets Windows Users

  1. If you receive an unexpected postcard and you really just can’t bear to delete it without checking first, don’t click on the link, but manually type in the purported address of the alleged postcard company, and see what you can see.

    How exactly does that help if the linked page on the website is using an internet explorer flaw to allow download of the trojan? Aren’t you going to get it anyway?

    It is good advice for going to your bank or Paypal website where you might be misdirected, but the way these “Postcard Spyware” things work, they are already sending you to the real website.

    If in doubt, DON’T GO TO THE WEBSITE PERIOD!!!!

  2. I usually get 3 or 4 “cards” a year. Those I’ve gotten in the past have been legitimate. In order to identify these “Trojan” laden links, I would like to know what sort of message do these convey? Any “clues” would be very helpful.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.