Holiday e-cards spread more than just holiday cheer

by

Cousin Kimmy just sent me a link to a Hallmark holiday e-card. How sweet!

…wait a minute…

I don’t think it’s really from Hallmark.

…wait a minute…

I don’t even have a cousin Kimmy!

Malicious code writers are at it again this holiday season. The latest trend is a plain text or very simple email that looks like it has been sent from a legitimate e-card source. When an unsuspecting recipient clicks on the link, Trojan software is downloaded onto the computer. Sometimes a user may be prompted to download some sort of plug-in to receive the holiday greeting, or the link may simply lead to a site that downloads the Trojan automatically.

Holiday greeting schemes and Trojans are old tricks, so how are these messages getting by email filters? Some content-based filters won’t block messages that appear to be coming from legitimate sites, in order to avoid blocking legitimate messages (i.e. false positives).

So what are we trying to tell you?

  1. Don’t click on things from long lost cousins you’ve never heard of.
  2. Hallmark and other popular e-card sites haven’t changed their format to send plain text messages. Don’t be fooled; you can always call the sender (if it’s someone you know) and verify that they sent you an e-card.
  3. Trojan software is here to stay…at least for a while.
  4. Have a happy and secure holiday! Click here for a malware-free Commtouch holiday greeting.

 

That is an example of a fake notification. Looks legitimate, doesn’t it? Legitimate card sites will never ask you to download things. Beware!

Trojans, eh? Never look a gift horse in the mouth…

Go back