A spam postcard posing as a friendly postcard which is really a Trojan postcard. (Shades of Sir Winston!) Security firm Sophos is warning of a “spam postcard”, which appears to come from someone you know (as does so much spam these days), but which is really a Trojan laden with viruses and other yucky stuff designed to steal your personal information and allow the perpetrator access to your computer.
When the unsuspecting recipient clicks on the link in the email in order to claim and view their “postcard”, instead the Clsldr-D Trojan horse is installed on their Windows computer, along with several types of malicious code designed to exploit known Windows vulnerabilities. This code includes Troj/Divo-A, Troj/Delf-KP, Troj/Lofler-A, Troj/Siggy-A, Troj/Webdrop-A, and Troj/Small-EM.
Said Sophos’ Graham Cluely, “Because this email doesn’t arrive with an attached file, some may believe it is harmless. But just visiting the web link on an unprotected computer puts it at risk of infection.”
If you receive an unexpected postcard and you really just can’t bear to delete it without checking first, don’t click on the link, but manually type in the purported address of the alleged postcard company, and see what you can see.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
CashApp us
Venmo us
Paypal us
How exactly does that help if the linked page on the website is using an internet explorer flaw to allow download of the trojan? Aren’t you going to get it anyway?
It is good advice for going to your bank or Paypal website where you might be misdirected, but the way these “Postcard Spyware” things work, they are already sending you to the real website.
If in doubt, DON’T GO TO THE WEBSITE PERIOD!!!!
I usually get 3 or 4 “cards” a year. Those I’ve gotten in the past have been legitimate. In order to identify these “Trojan” laden links, I would like to know what sort of message do these convey? Any “clues” would be very helpful.