Experts Warn of Another Greeting Card Spam

According to security experts, Internet users continue to encounter spam e-cards loaded with malware that often dupe them by appreaing to be legitimate or by exploiting their inquisitiveness. These spam mails currently are posing as Hallmark greeting cards, informing the recipient that he has been sent one.

Moreover, the messages include the same graphics that the site uses, making them appear genuine. Furthermore, unlike the authentic Hallmark e-cards, the counterfeit greetings carry an attachment.

And, as the user opens the attachment, arriving in a zip format, the attack starts. The Trojan .zip folder releases a malicious executable known as postcard.exe along with a key for the Windows registry.

Furthermore, on restarting the system, the key automatically installs a malicious executable file, which adds the end-user's computer to an IRC botnet. Subsequently, the users contact list on that computer is stolen to push out new spam.

However, the e-card attack is not a new phenomenon. The notorious Storm worm has been regularly sending false e-cards on major holidays aiming to augment its already massive botnet. And, as is evident from its longevity, the fake e-card trick is extremely effective.

According to Matt Sergeant, Senior anti-spam Specialist at MessageLabs, a security firm, till the time recipients continue to fall for such old tricks, spammers and malware authors will go on using them, as reported by vnunet on July 25, 2008.

Also, according to Alex Mathews, Head of Operations of Panda Security, sub-Sahara, the Hallmark spoof and others similar exploits use computer users' naivety by purporting to be a real e-mail, as reported by Itweb on July 25, 2008.

Mathews further said that Panda encourages Internet users to be careful about unsolicited e-mails. According to him, if a person is not convinced about the legitimacy of a message, he should contact a security company.

Mathews also adds that it is important to read the e-mail carefully and look for spelling errors along with checking for attachments. Hallmark, for instance does not deliver e-cards containing attachments.

Experts, therefore, suggested users to remain vigilant of unsolicited greeting cards as well as not open attachments arriving via suspicious e-mails.

Related article: Experts Find Two Vulnerabilities in Firefox

» SPAMfighter News - 8/4/2008