Dec26
10:42 am (UTC-7)   |   by Argie Gallego (Anti-spam Research Engineer)

A significant amount of e-card spam has flooded inboxes recently, taking advantage of the upcoming holiday season. Spam mails contain holiday greetings and a short message informing users that they have received an e-card from someone. Also in the email is an embedded URL link where the recipient can view or claim their e-card.

Other subject lines for this type of spam include the following:

  • A Christmas card from a friend
  • A special card just for you
  • Christmas card for you
  • Christmas Ecard Notification
  • Christmas Ecard Special Delivery
  • Christmas greetings e-card is waiting for you
  • Christmas greetings for you
  • Christmas greetings from your friend
  • Christmas Wishes!
  • Greeting for you!
  • Happy Christmas!
  • Have a warm an lovely Christmas!
  • I made an Ecard for U!
  • I sent you the ecard
  • Joyful Christmas!
  • Merry Christmas 2009!
  • Merry Christmas card for you!
  • Merry Christmas e-card is waiting for you
  • Merry Christmas greetings for you
  • Merry Christmas ‘N Happy New Year!
  • Merry Christmas To You!
  • Merry Christmas wishes just for you
  • Merry Christmas!
  • Merry Xmas!
  • Warmest Wishes For Christmas!
  • Wish You A Merry Christmas!
  • Xmas card for you
  • Xmas card is waiting for you
  • You have a Christmas Greeting!
  • You have a greeting card
  • You Have An E-card Waiting For You!
  • You have received a Christmas E-card
  • You have received a Christmas greetings card
  • You have received an E-card
  • You Received an Ecard.
  • You’ve got a Christmas E-card
  • You’ve got a Christmas greetings card
  • You’ve got a Merry Christmas E-card
  • You’ve got a Merry Christmas greeting card
  • You’ve got a Xmas e-card
  • You’ve got an e-card

Once users click the link embedded in the spam mails, they will be redirected to a bogus e-card website. Upon examining and verifying this site, it shows that it was created just this month.

It also appears as if there are several URL links and buttons on the page, but actually the whole page of the site only contains a one large clickable image.

Upon clicking the image, the user is prompted to download the file ecard.exe detected as TROJ_GENETIK.TI.

With the protection and security that the Trend Micro Smart Protection can offer, these combined threats are addressed immediately. Spam mails are now detected through the Email Reputation Technology. URLs related to this spam mails are already blocked by Web Reputation Technology. Finally, the downloaded malicious file ecard.exe is already detected as TROJ_GENETIK.TI.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Friday, December 26th, 2008 at 10:42 am and is filed under Security . You can leave a response, or trackback from your own site.



3 Responses to “Merry Malware Greetings Flooding Inboxes”

  1. Danny Says:
    August 27th, 2009 at 7:59 am

    This is a great article and the list of subject lines helps.

    When I receive corporate holiday e-cards, the subject lines usually has my name or the company name sending. I wonder if spammers are going to start spoofing or masquerading as companies? Such a shame they use these tactics. Although, 2008 wasn’t as bad as it was in 2007. I wonder how 2009 will shape up?

Trackbacks

  1. Malware e-card spam attacks increase - Harry Waldron - Corporate and Home Security
  2. E-Card or ECard doing the rounds « Into the Sun

Leave a Reply


Malevolent Social Networking: Now on Friendster
Yet Another Digital Picture Frame Malware Incident


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice