Scam Electronic Greeting cards for the holidays.
Do not even open those e-greeting cards sent to you from unnamed acquaintances!
If the Labor Day spam deployment of e-greeting cards is any indication of what is to come for Holloween and the rest of the holidays, do not even open those unless you risk compromising your operating system.
It is not necessary to be an anti-virus firm to warn you about the lack of correspondece of the apparent (formatted) link and the hidden actual dotted decimal address that will lead the receiver to another site. At times, the spammer will even fake the name of a reputable business like American Greetings to gain the receivers' trust and infect his/her machine and possibly even hijack its operating system to host the spammers' malware.
Accordingly, do not even open those electronic mails that come purporttedly from an unnamed "family member," "admirer," "business partner," etc.. Even if your machine has been kept up to date with automatic fixes ( I am assuming, of course, that you use Windows) even simply opening the email where the e-greeting is found might expose you to the risk of malware infection ( http://blogs.pcmag.com/securitywatch/2007/09/labor_day_storms.php .
Below are couple of actual e-greetings subjects that we have received:
- Your friend has sent you a card.
- A Labor Day Greeting
- Did you open your ecard yet?
And, these are actual samples of the email body:
- Here is a special greeting, to see it, click here:
- Please go to our viewing center to recieve your <span id="lw_1188867634_0">Labor Day</span> greeting:
- Someone sent you this Psycho Kitty card. It is Hilarious!
Of course, they will provide a fake link that, if opened in a text editor, will reveal an totally different address in dotted decimal format where the operating system of the email/e-greeting receiver might be assaulted with malware. The first fake link will show a reputable business like Google. This is the link the email receiver will see:
http://google.com/07cards/Lday?tzfkqub8tc19zyu0nx51
http://funnycards.com/digcard/Ldaycards?z4afj02rx6l4zvugtzfkqub8tc19z
But under the HTML formatting (and sometimes the explicit decimal dotted IP address) the actual address where the receiver will be taken will be:
- 68.88.96.108
- 85.211.30.101
- 75.21.122.112
Copying and pasting from the text editor the link that purportedly points to Google, as an example of the extent to which these spammers use the name of a reputable business entity to gain trust, I feed the link to my Mozilla browser in my OS/2 machine and this is what I see:
The e-greeting card is not at Google, evidently!
But note that I did not click on the email link, as an unsuspecting user might have done. Having clicked on the email link would have taken my operating system to the unnamed dotted decimal address --where likely a Windows user machine might have been compromised.