Watch Out For Malicious eCards
eCards will be swarming in everyone's email box and be sure that for every legitimate one there's at least an infected package just waiting around the corner of your folder. Symantec brings word of a new eCard mass spam campaign, designed to fill you with the joy of having your machine infected.
December 6, 2007
The mail seems to originate from a legitimate source and thus, the receiver is usually tempted to click on the link included in the message and see the card. However, this is hardly the case. According to a report on Symantec's blog, the URL included in the eCards attempts to download "sos385.tmp" file, which is a downloader eager to get onto the web and install more malware on the victim's machine.
Basically, the mail resembles the following example: (it's worth noting the spoofed header, as well as the “no worm , no virus” text placed right next to the link):
Subject: This is my one-off Xmase-card for you ^_^ Very nice
From: ***** Ecard !!! XXXXX@*mail.com
Date: Sat, 17 Nov 2007 05:11:16 -0600
http://uklotttery.us/?id=ecard << This is my one-off Xmase-card for you ^_^ Very nice
(no worm , no virus)”
As always, the way to dodge such attempts is to ignore any mail coming from an unknown source. Also, be careful with emails coming unexpectedly, they might not actually come from the person/organization you believe to have sent them.