Thursday, April 3, 2008

You've Received a Postcard

From Snopes.com

Many web sites offer a service that allows a user to send a customized "greeting card" (or "postcard") to a relative, friend, or acquaintance, delivered as an message containing a hyperlink which the recipient follows to visit the originating site and view the card. Sending out phony notifications is therefore an effective method of camouflaging viruses and inducing unwitting recipients into clicking on links that install malicious programs onto their computers.

A wave of malicious messages sent out employed that very technique, arriving in inboxes bearing subject lines such as "You've received a postcard from a family member!" The messages contain URLs that recipients are supposed to visit to retrieve their e-cards,but those URLs actually point to servers hosting a variety of malware (including a variant of the Trojan, "an aggressive piece of malware that has been hijacking computers to serve as attacker bots" since early 2007) that is furtively installed onto victims' PCs. (Generally, only Windows-based systems are vulnerable.)

















Click on Image to Enlarge

The underlying worm is the same one that has appeared in messages with subject lines as "Sending You All My Love," the "Laughing Kitty," the "Dancing Skeleton," as well as several game and music download offers. Since many of these malicious messages imitate notifications from legitimate sites, recipients should get into the habit of never clicking on links contained within notification. Instead, go directly to the web site of the card company, find the card pickup page within that site, and enter the ID code included in the (If the message was a fake, the worst that will happen is that you won't get a card.)

1 comment:

Roshan Jha said...

This article has helped me in understanding this. Keep Writing! You can also check our blog : customized greeting card