In the past few months I and many other e-mail users have suddenly become very popular with people we don't even know; people who cared enough about a complete stranger to send a message with an ecard greeting. I did not use the embedded link in the message to retrieve my ecard, but immediately started searching some security software websites to learn about this latest approach by hackers to compromise the recipient's computer.
One vendor, Trend Micro, has a very good description of this type of spam and malware attack on their blog with an example of a message and the javascript that tries to run in the background if someone tries to view their ecard.
It has taken a little bit of time for the security vendors to catch up to the blackhats, but this threat has been recognized and most of the security products have been updated to combat this problem. The computer virus is now 20-something years old and exploiting computers is no longer the recreational sport of some pimply teens or anarchists; it has become a very profitable business, so be on your guard.
If you haven't already invested in a security product to guard against malware or haven't renewed your subscription/support agreement to ensure the filters and virus signatures guard against current and future threats, you may want to consider doing so. While it may not be necessary to mention, you should always treat e-mail from an unknown sender with great caution, especially if it has an attachment or embedded link and even more so if the e-mail message encourages the recipient to launch the attachment or link.
Hackers seem to think of everything, don't they. If only they could channel all that energy into doing something useful or helpful with their time, they could probably be very successful. Thanks for the heads up on the ecard scam!
Posted by: Susan Gunelius | August 9, 2007 7:03 PM | Permalink to Comment