4th of July Ecard

Filed Under: Malware, SophosLabs, Spam

The current trend of spreading malware via "Ecards" (greeting cards that can be sent and read online via email) continued in huge volumes today (As previously reported here: A not so friendly Ecard, and here: Ecards continue to flood in). Instead of looking like a generic card from a common ecard service like we have been seeing for the past week "You've received a greeting card...", this variation made use of tomorrow's July 4th US holiday to entice more clicks.

Subject lines used were:

4th Of July Celebration
American Pride, On The 4th
America's 231st Birthday
Americas B-Day
America the Beautiful
Celebrate Your Independence
Celebrate Your Nation
Fireworks on The 4th
Fourth of July Party
God Bless America
Happy 4th of July
Happy B-Day USA
Happy Birthday America
Happy Fourth of July
Independence Day At The Park
Independence Day Celebration
Independence Day Party
July 4th B-B-Q Party
July 4th Family Day
July 4th Fireworks Show
Your Nations Birthday

To install their malware, the scammers are still trying to trick readers into clicking on an IP based link pointing to a compromised home PC (the same "zombies" that are spewing spam), which hosts a malicious web page detected by Sophos as Troj/JSEcard-A as well as an executable detected as Mal/Dorf-C.

Ecard

You might like

About the author

Brett is a Technical Lead in the AntiSpam Operations team within SophosLabs. He has been working for Sophos since their acquisition of ActiveState in 2003.