Fake emails disguised as Greeting Cards from Hallmark are now being received.
You’ve received A Hallmark E-Card!” Fake Email
Only, as usual, it turns out to pick up the card you have to visit not Hallmark.com, but http://legacymodels.com/images/funny.gif.exe. Which means that link downloads an executable file. Which means a program.
This is a new tactic Phishers are using to bait you into accessing a fake website in order to steal your private information.
On the surface, the emails look legitimate but are completely fake. Since these are new on the scene, you may be easily tempted into thinking they are real. They aren’t.
Here’s what to look for;
The “from” address will be listed as “hallmark.com” but the actual email address attached to will NOT be hallmark.com. Instead, it will be a non-descript domain name such as “oyoyo (at) jibjab.com”
The clickable link in he email will be listed as an IP address (a series of numbers such as 22.168.188.32). If the email was legitimate, the clickable link would be from hallmark.com
As with all emails you receive from unknown people or companies,
As with most spammers nowadays, you can tell that they went to some great lengths to ensure that the email looks as legitimate as possible.
In many previous e-card variants all of the links within the email would point directly to the malware hosting site. This trend has recently been shifting and this new Hallmark E-Card tactic improves upon that by only pointing the "here" link above to the malicious web site. All of the other links like Customer Service, Store Locator, etc actually point to the same locations that the real hallmark.com site point to. So, if a suspicious recipient of one of these messages clicks on any link in the email other than the malware download link they may be tricked into believing the message is legitimate since it will direct them to the Hallmark site. Seeing this, they may be more apt to click on the download link and become infected.
Emails associated with this new "e-card" appear to be from "E-Cards@Hallmark.com" and will have subject lines like "You've Recieved a Hallmark E-Card!". The other tell tale sign of these fakes can be found if you mouse over (but don't click!!) the "here" link as it links to an executable file like postcard.gif.exe as opposed to an actual web page.
Be on the lookout for these new fake Hallmark E-Cards, especially as we move closer to the Holiday Season (it's still a ways off, but I am sure some stores will have Christmas items on the shelves soon!) as these are likely to become a popular tactic again for Halloween, Thanksgiving, and Christmas.
Make sure you read the entire email
Look for obvious spelling and punctuation erros.
DO NOT click on any embedded links
DO NOT download any attachments
DO NOT reply to the email or click on any email link
If you suspect, even in the slightest, that the email might be fake, it more than likely is
Remember, the only “special” about these Phishing scams is that they are looking to steal your money.
Another day, another damn scam.
Be an Expert Fingerer. Hottest Free Sex Toy Isn’t on the Market
-
How to Be an Expert Fingerer: The Hottest Free Sex Toy Isn’t on the Market
*To make it even better! Hand selected by your dedicated friends at
Liberator, th...
1 year ago
0 comments:
Post a Comment