That 'Hallmark' E-Card May Contain Malware Tidings - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // IT Strategy
Commentary
7/5/2007
07:34 PM
Alexander Wolfe
Alexander Wolfe
Commentary
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

That 'Hallmark' E-Card May Contain Malware Tidings

"Recieved" was the giveaway; one of the few spelling rules I've retained is "I before e, except after c." So when I my e-mail read, "You have recieved A Hallmark E-Card," I was immediately suspicious. The random capitalization made me wary, too.

"Recieved" was the giveaway; one of the few spelling rules I've retained is "I before e, except after c." So when I my e-mail read, "You have recieved A Hallmark E-Card," I was immediately suspicious. The random capitalization made me wary, too.Most likely, your non-computer-focused family members won't be as on the guard as we are. And that would be very bad, because there's malware at work here.

Here's the e-greeting card. It's a pretty good, fake, to the point where I almost--I say, almost--bought it. Then I remembered that it's not my birthday.



Nothing says it worse than a malware-laden, fake greeting card (click to enlarge image).

It turns out that the threat isn't even concealed with an obfuscatory URL, which is usually how it's done. Scroll your mouse over "To see it, click here," and you see the address of the bad executable: hxxp://www.themusicnetwork.co.uk/(((DONTCLICK))notes/card.exe

I don't know how the "card" executable came to be connected with themusicnetwork.co.uk, which appears to be a legitimate site.

I do know that a Google investigation into the e-card from Hell led me to the helpful CastleCops site. One of its forums listed had the "card" executable on its list of malware.

True, malware-laden greeting cards are nothing new. My experience has been that one receives so many of these things, that when a particularly good fake comes along, you're apt to let down your guard. That's even though we're all well aware never to even look into a card which doesn't come from a named sender.

It's family members who need to be warned to look at the e-card and check it twice, or better yet, give and receive greetings the old-fashioned way, using 41 cents in postage. It'll be a lot cheaper in the long run.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
How to Create a Successful AI Program
Jessica Davis, Senior Editor, Enterprise Apps,  10/14/2020
News
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
Slideshows
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
Slideshows
Flash Poll