Network News

X My Profile
View More Activity

Beware Holiday e-Greeting Cards, Digital Hitchhikers

Cyber crooks are once again blasting out fake holiday e-greeting cards in a bid their special kind of cheer. Also, there are signs that computer viruses may again be piggybacking on digital photo frames and other data storage devices that make popular holiday gifts.

E-greeting scams are hardly new, but they tend to increase around major holidays, probably because consumers are more receptive to opening them at these times and because more people are home in front of their computers.

Most of these e-greeting scams try to foist malicious software by claiming the recipient needs to install some application in order to view the card, such as Adobe's Flash Player. Almost invariably, the downloaded program isn't a legitimate add-on, but malware.

According to Symantec, some of the fake e-card domains being used in this scam include (please don't visit any of these sites):

* [http://]
* [http://]
* [http://]
* [http://]
* [http://]

Most legitimate e-greeting card vendors will include a code in the message that you can enter at their Web site to claim your card. If you believe an e-greeting message is legitimate, avoid clicking on links in the message, and instead, type the name of the greeting card provider into the address field of your Web browser, and then enter the claim code the vendor provided in the e-mail. Under *no* circumstances should you install any software in order to view a card.

In other news, PC World reports that Samsung recently shipped a bunch of digital photo frames with a CD that contained malicious software. If experience over the past few years is any indicator, this won't be the last such incident with factory-shipped malware.

Digital storage devices are built into a wide range of products that consumers will give and receive this holiday season, from photo frames to MP3 players to digital cameras. Trouble is, it is not uncommon for these types of devices to become infected with malicious software even before they leave the factory floor.

In some cases, as the SANS Internet Storm Center notes, the devices pick up digital hitchhikers from customers who return the items after plugging them into their infected PCs. If those items are repackaged and resold without proper testing by the manufacturer or seller, the next customer who buys that item could end up with an unwelcome bonus.

These digital hitchhikers generally rely on Windows users that have the "AutoPlay" feature, which as its name suggests is a setting that automatically runs or loads file directories when the user pops in a CD or device with embedded digital storage. Many legitimate program installation CDs count on users having AutoPlay turned on, so that the mere act of inserting a CD begins the program installation. Unfortunately, malware also can take advantage of this feature to automatically install itself should a user pop in a CD or digital device with one of these hitchhikers tagging along.

By turning off AutoPlay, Windows users can run an anti-virus scan against external media before running or opening any of the included programs or files.

To turn off Autorun in Windows XP, open My Computer, then right click on the icon for your CD/DVD player, and select properties. Click the "AutoPlay" tab. Then, for each file type, select "take no action" and hit "apply." In Windows Vista, turning off AutoPlay is easier: Go to "Control Panel," then "Hardware and Sound," then "AutoPlay," and then just remove the check mark in the box next to "Use AutoPlay for all media and devices."

By Brian Krebs  |  December 26, 2008; 4:20 PM ET
Categories:  Latest Warnings , Safety Tips , Web Fraud 2.0  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: PC Got a Virus? Consider Getting Help Offline
Next: One Weak Link to Rule Them All


Here are a few precaution that one needs to be aware of when one receives ecards.

* Make sure you recognize the sender's name. The sender's FULL name should ALWAYS be included in the subject line (and sometimes in the "from" field) of the email.

* The web site should be easily identified in one or more of the following places: the "from" field, the subject line, or in the email itself.

* Do NOT click any links with simple IP address. In a fake ecard email, the IP address may be hidden and can only be seen by hovering your cursor over the link or right clicking on the link to view properties. The link should not be a series of number (e.g., commonly referred to as an IP address).

* An ecard email should NOT have any attachment of any kind. The recipient will go to the web site to "pick up" (i.e. view) the ecard.

* Legitimate ecard emails will always include an option to pick up the ecard by typing the web site address and enter a code.

* Use a webmail or email application that has good spam filter. My experience with Gmail has been very good. It filters out almost all spam mail.

Posted by: netwashington | December 26, 2008 11:08 PM | Report abuse

In XP, there is no autoplay tab in properties in the CD player. Please help.

Posted by: chaszzzzz | December 27, 2008 12:04 AM | Report abuse

"In XP, there is no autoplay tab in properties in the CD player. Please help."

There is on mine. Remember to go via My Computer first. It doesn't work on a shortcut to the CD-player.

Posted by: bengtl | December 27, 2008 7:13 AM | Report abuse

Great info, especially for my family, which LOVES ecards.

Keeping with the holiday anti-virus theme, you might find this video/site pretty funny...

ESET does the site. I didn't know a computer security company could be so funny...

Posted by: kai7070 | December 27, 2008 11:03 PM | Report abuse

I had XP set to "Prompt me each time to choose an action." Since nothing happens unless I allow it, would this be as safe? Or would malware install itself when the disk ran enough for XP to recognize that an action was needed?

Posted by: B5doc | December 28, 2008 7:36 AM | Report abuse

In other news, PC World reports that Samsung recently shipped a bunch of digital photo frames with a CD that contained malicious software. If experience over the past few years is any indicator, this won't be the last such incident with factory-shipped malware.


Last year My Dell laptop (xp pro) instantly went bluescreen when I installed from the cd that came with SAMSUNG external dvd drive (Model: GSA E10L). Virus scan (Symantec or Kaspersky, I don't remember exactly as I had switched at about that time) didn't produce anything. I then got curious and tested the cd in my emachine desktop, which also started giving me problem. Although my device was plug and play, I tried to use the CD to test the Nero in it. I really got suspicious and ultimately reformatted (with almost whole day lost since I did not have backups) both machines ( This experience scared me off from installing from CD that came with my SAMSUNG cell phone). Now the alerts from Amazon mentioned in the PC magazine link given here for another SAMSUNG device reminds the pain I got and moreove make me believe that I may have actually ended up installing "Free Viruses" from SAMSUNG.

Posted by: rajpol | December 28, 2008 9:08 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company