This isn’t the first time that malicious software is being sent disguised as an e-card, but when something works, scammers often use it, time and time, again.

Mary Landesman of is warning all of us:

The latest greeting card scam is once again targeting Hallmark. The bogus email claims “you have recieved a Hallmark E-Card!” The first tip-off for the security conscious should be the misspelled ‘recieved’ – it’s I before E except after C (or when sounded like A as in neighbor and weigh). One would assume the prose experts at Hallmark would know their receive from their recieve – which, of course, they would. In any event, the message doesn’t even read like a real Hallmark notice, which always identifies the sender by name and gives you an alternate link URL that you can copy and paste in lieu of blindly clicking a link. Why is this important? Because a real Hallmark URL doesn’t point to an IP address followed by ‘postcard.exe’ – which the malicious link does.


Here is information on the particular trojan being delivered in these e-cards, but this could change tomorrow, or might have already. There is a lot of malicious software out there.

And just what does this latest greeting card scam deliver? Like most others, it dishes up a variant of the Zapchast Trojan. Zapchast installs an Internet Relay (IRC) chat client and causes the infected computer to connect to an IRC channel. Attackers then use that connection to remotely command the machine. And you thought forgetting your birthday was bad.

Sounds like another method of turning a computer into a zombie, which is normally used to help spread more spam. Spam is a vehicle for most Internet scams, or at the very least, questionable products.

Spam is reaching epidemic proportions, and seems to be getting past a lot of spam filters, recently. A good place to learn about, or fight spam is story, here.

Be Sociable, Share!