Friday, February 22, 2008

Ecard redirect to a malicious web site?

We received email from a “scammer” the other day and I decided to pursue finding out if it was real or not. The scam email was supposedly sent from Hallmark, you know the greeting card company. What caught my attention first was the “Click on this link” to view your card. I looked at the email message and noticed that the email was cleverly crafted to have the look and feel of getting an actual notification from Hallmark. Alarms went off as I looked at the “click here” link.

The one thing I know from past Hallmark cards is that the return email address is always from the person that sent the card and not Hallmark – first clue – I have no idea who the sender is. Second clue – the way the link was created didn’t all the necessary combinations of letters and numbers that normally come with a Hallmark email.

After communicating my concerns with Hallmark their response is as follows:

“If you received a legitimate E-Card from Hallmark, the first line of the e-mail will tell you who has sent you the E-Card and the URL (Uniform Resource Locator) in the message of your e-card notification will begin with:

http://www.hallmark.com/ECardWeb/ECV.jsp?a+

That will be followed by characters that describe your individual E-Card.

If the clickable URL is an EXE file, then do not download it.”

The bottom line is; if you don’t know the sender and don’t recognize the format, delete the email. If you recognize the sender and still have concerns, contact sender and ask if they actually sent the email. Start with a new email message to that person.

Safe Surfing,

Darrell Mishler

M & D Creative Concepts LLC

Web Design Services

M & D Online Shopping

Posted by Darrell of M & D Creative Concepts at 5:45 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)