What Is It?
For almost a year, we have noticed an epidemic of fraudulent messages, all claiming that you have received an electronic post card from somebody important to you. This represents some fabulous social engineering, because there are sites, such as Hallmark, American Greetings, Blue Mountain, and others, that offer legitimate electronic greeting cards for all occasions.
Unfortunately, the criminals who want to turn your computer into a robot, to do your bidding, usually either sent massive amounts of unsolicted email, or give up the password to your bank account, have subverted this fun aspect of the Web for their own uses.
The malicious code behind these attacks is a variation of the Storm Trojan, a vicious piece of malicious software that has been turning unsuspecting users' computers into robots since early last year.
What Should You Do?
Visit the Windows Update Web site, at http://windowsupdate.microsoft.com/ and let it verify that your copy of Windows is up to date, with all critical updates installed.
Be very cautions of unexpected messages about electronic greeting cards, even if the subject or body says that the card is from someone that you know. The real deal is that someone who has your email address, or someone with whom they have shared your address, perhaps unintentionally, has an infected computer that has already been subverted.
- Unless you recently had a special occasion, or are about to have one, such as a birthday or anniversary, you may as well delete any such message without following the link.
- If you have, or are about to have, a special occasion, and the note appears to be from someone who usually sends you electronic cards, you may open the message and examine the link.
- If the link appears to belong to a legitimate card site, you might consider following it.
- Since most of these malicious Web sites are using old code that has been around for a while, your virus scanner will probably be able to identify and stop any virus, but don't rely 100% on it.
- If your Web browser has a phishing filter, turn it on before you follow the link, and watch the status line of your Web browser very closely for hints that you aren't being sent where you expect to go, and be ready to kill the browser.
The articles on both Snopes and My Digital Life list numerous subjects used by this worm to draw your attention.
As always, let common sense be your guide, and keep your software up to date.
Thank you for your attention and your support.
ersonName>David GrayersonName>, MBA, Chief Wizard
WizardWrx – Established 1985
V: +1 (817) 812-3041
TZ: USA Central, GMT -6
4835 North O'Connor Road
Irving TX 75062-2742
Tell me what you need, and I’ll conjure it.