The users gets an “You have received an eCard” email, allegedly from 123Greetings.com and is invited to download the poisoned gift it brings.
The file attached beard the name e-card.zip and contains a Trojan horse identified by Sophos as as Troj/DwnLdr-HIW. Once the machine is infected, the Trojan will download other malware from the web, including scareware, a type of software that makes users buy fake security products in hope that they will get rid of an alleged “virus”.
“Maybe it’s time that people learnt that opening an unsolicited email attachment is a truly bad idea? It’s over eight years since the LoveLetter virus (also known as ILOVEYOU or The Love Bug) spread around the world using a similar idea, taking advantage of internet users’ willingness to let their guard down when they think they are receiving a personal message from an unknown admirer or friend,” says Sophos’ Graham Cluley.