A Hallmark malware event

So, imagine you receive this email..

An email claiming to contain a link to a Hallmark ecard

What do you think? Safe or not?

Well, as you’re reading this blog you’re probably assuming that it’s something malicious, but you can’t actually tell that for sure from what I’ve shown you. Maybe your suspicions will have been raised by the spelling mistake (“Hackers be ashamed of yourselves! I before E except after C!”), but I suspect a lot will have missed that.

You could hover your mouse over the link, and you might notice that the file being linked to isn’t on the real Hallmark website, and is – in fact – executable.

But would your mum be canny enough to do that? What about your son? Or your Aunty Hilda?

And that’s why these kind of malware distribution schemes still work. Not because of a flaw in the operating system or because what the hackers are doing is mind-boggingly sophisticated, but because the average Joe in the street thinks it’s worth the risk of clicking on a link in an unsolicited email to see an electronic greeting card.

All you can do is encourage your mum, son and favourite Aunt to keep their computer security up-to-date, be suspicious of unsolicited emails, and to perhaps consider the benefits of traditional paper greetings or a friendly phone call instead of ecards in future.

But are they listening? Somehow I doubt it.