Recently, we’ve seen electronic greeting cards (ecards) loaded with malicious software sent out by the millions in spam e-mails. For the person, who accidentally opens one up, the end result is (probably) an unfortunate experience of one kind or another.

With the holidays upon us and spam levels increasing, we will more than likely see another rash of ecard spam (scams).

The unfortunate experiences range from having your system turned into a zombie (part of a botnet to send out more spam e-mails) to having all your personal details recorded with keylogging software and sent to scammers, who use it to make you an identity theft statistic.

Of course, people are also often tricked into giving up their details via social engineering techniques, also.

Symantec recently issued findings that 71 percent of all e-mails are spam. Breaking it down further, spam is the preferred vehicle to further fraud, phishing and financial misdeeds on the Internet.

Going back to the ecard scam phenomenon, a warm wish from someone is a pretty sneaky form of social engineering (deception) designed to trick someone into downloading something on their system they shouldn’t have.

In response to this, American Greetings, recently launched a campaign to educate the common person how to tell if the greeting they receive is from a friend or a foe.

Here are some information bytes from their new page about what they have done to stop ecard scams:

AmericanGreetings.com has changed the format of all ecard notification emails sent to ecard recipients. Now legitimate ecard notification emails from us will have all of the following attributes:

The “from” will always show “Ecard from AmericanGreetings.com” as the display name and ecards@americangreetings.com as the email address. Make sure you check both the display name and email address of the email.

It should appear as the following: “Ecard from AmericanGreetings.com”

The subject line will always include the name of the individual sending the ecard. Make sure you recognize the individual in the subject line before clicking on any links. It should appear as the following:”John Smith has sent you an ecard from AmericanGreetings.com” (“John Smith” is the individual sending the ecard to you).

The email message will include the name and email address of the sender. Make sure you recognize the individual in the email message before clicking on any links.

We have made it easier to find the ecard pickup area on our site, so you can quickly and safely view your greeting without clicking on any email links. On AmericanGreetings.com, it is now located in the upper right-hand corner of the homepage (americangreetings.com)

They also offer some sage advice on how to avoid becoming a victim:

First and foremost, if there is any suspicion that you have received a fraudulent ecard email, do not click on any link.

If you have any doubt who the email is from, manually type in www.americangreetings.com after the http:\\ found in your Internet browser.

Then find the ecard pickup link (ours is found in the upper right-hand corner of our homepage: www.americangreetings.com) to safely view your ecard.

Last, but not least some pretty informative information on ecard scams in general:

A wide variety of websites and brands have been affected. While the subject line of the malicious ecard email tends to be generic, such as “You’ve received an ecard from a class-mate!” or “You’ve received a postcard from a family member,” more recent examples include brand-specific messaging such as “Worshipper sent you a postcard from americangreetings.com.” Also, the pickup link within a malicious ecard email is most likely always an IP address, such as 127.0.0.1, which is much different than the typically used pickup link from a legitimate ecard sender that starts off with the host name (e.g., americangreetings.com) and not a series of numbers. As of August 23rd, we have started observing fake emails where the link shows a host name (e.g., http://www.americangreetings.com) but the actual link goes to an IP address instead of americangreetings.com. To see if there is an IP address associated with the link, hover over it with your cursor. If you see a URL when hovering over the link that has a series of numbers, such as http://89.678.999.12, it is not a legitimate link and you should not click on it.

If you are interested in viewing the rest of this resource before you open an ecard, the page on their site can be seen, here.

Of note, they have some pretty good visual demonstrations that can be seen on the page.

Be Sociable, Share!