Not another eCard – malware attacks via email

ecard, ecard, ecard

2007 was the year of ‘Storm’ (also known as Dorf).

One of the social engineering techniques it used (and which probably contributed to its success) was the lure of an electronic creating card or ‘eCard’.

Over the course of the year we had a seemingly endless stream of greetings for practically every conceivable reason: Halloween, Christmas, 4th of July and so on.

Publicity around Storm seems to have died off over recent months, although there is still a lot of discussion about it in industry.

One thing is for certain though, fake greeting cards are still popular with the malware authors. Looking at the current flood of malware coming into our spam traps, eCards are back with a vengeance!


In this case, the authors aren’t even trying to make an excuse for it nearly being Halloween, instead just telling the recipient to open the attachment. Judging by the volumes, they seem to be following the “if I ask often enough, someone will open it” approach. Please don’t!!

At the same time, there is another slightly more sophisticated campaign going on, this time with links to a website, and a well crafted ‘fake’ message that appears to be from Hallmark cards.

Closer examination shows that the link is not, in fact, to but to a site that appears to be hosted in Spain.

So at the risk of offending, if you receive an email saying you’ve received an ‘ecard’, you probably aren’t as popular as you think you might be. In fact you certainly won’t be if you open it, click on it, or do anything other than hit “Delete”.