Greeting card e-mail scams
Sept. 12, 2006
Within the past few weeks, many K-Staters have received bogus e-mails that appear to be an
electronic greeting card from a friend but, in reality, are an attempt to trick them into
clicking on a link that will infect their computer with malware.
Greeting card or "e-card" scams
are not new to the Internet but people are still falling prey to the deception. This page
offers help in recognizing when an e-card is a scam.
Example of an e-card scam received at K-State
Subject: Missing you message from a friend !
Date: Mon, 04 Sep 2006 09:57:08 +0200
From: 123greetings.com
To: eID@ksu.edu
*Hello friend !*
A friend has sent you an ecard from 123Greetings.com.
Send free ecards from 123Greetings.com with your choice
of colors, words and music.
Your ecard will be available with us for the next 30 days.
If you wish to keep the ecard longer, you may save it on
your computer or take a print.
To view your ecard, click on the following Internet address.
http://www.123greetings.com/view/CR30904102239651
<http://www.canaltv.org/postcard.gif.exe>
Best wishes,
123Greetings.comBest wishes, 123Greetings.com
|
Clues that indicate an e-mail is bogus
There are several clues in the above message that indicate it is not legitimate:
A. The most important clue is that the actual web address is different from the one
displayed in the message. In the e-mail, the URL is displayed as "http://www.123greetings.com/view/CR30904102239651",
which appears legitimate because 123greetings.com is actually a bona fide electronic greeting-card website.
However, note that the actual URL, which is between the two angle brackets ("<>"), is different
("http://www.canaltv.org/postcard.gif.exe"). That is a huge red flag.
B. The actual URL ends in ".exe", which means it is an executable program that will run on YOUR computer
if you click on that link. This is VERY dangerous, since as soon as you click on that link, the malware will
be installed on your computer and start doing its dirty work.
C. There is no personalized greeting that identifies you as the intended recipient (other than the fact
that the e-mail was addressed to your K-State e-mail address), nor does it identify who it is from. It simply
greets you with "Hello friend" and says a "friend" has sent you an ecard.
D. There is a typographical error in the message signature:
Best wishes,
123Greetings.comBest wishes, 123Greetings.com
Typing errors, poor grammar, and mis-spelled words are common
in greeting-card and other forms of malicious messages.
How to determine if a greeting card e-mail is legitimate
- Be suspicious and NEVER click on the link in the message without verifying it first.
- Look for any of the clues listed above.
- Put your mouse pointer on top of the URL in the message (BUT DO NOT CLICK ON THE URL!!!)
and look at the actual URL that appears in your e-mail client. The actual URL will show up in
different places depending on the e-mail client you use, but most often it appears in the
lower left corner of the window.
- Contact the alleged sender to verify they did indeed send you an electronic greeting card.
- Do a Google search of the name of the executable file in the actual URL, or some other
distinctive part of the message like the subject header. For example, if you google "postcard.gif.exe"
from the example message above, you will quickly learn that this is a malicious attempt to install
malware on your computer.
What to do if you receive an illegitimate e-card
If you receive a fake e-card, simply delete it to remove the threat from your Inbox. There is no
need to save the message or report it to anyone.
For more information about ecard scams, along with advice on how to safely use ecards, see
www.scambusters.org/ecards.html.