 sj |
||
|
||
BS: greeting cards trojans virus warning
|
|
|
|||||||
|
BS: greeting cards trojans virus warning |
Share Thread
|
||||||
|
Subject: BS: greeting cards trojans virus warning From: Cllr Date: 03 Jul 07 - 03:29 AM Got one early this morning from greeting cards.com I didnt down load it it said it was from a mate! anyhooo just a little heads up cllr Greeting Card Scams Foist Trojans Attackers are increasingly using greeting card scams to foist trojans on the unsuspecting. Fortunately, there are some tell-tale signs and tips to follow that can help you avoid becoming a victim. Be extra suspicious if (a) the greeting card doesn't address you by name; (b) the card sender's name isn't included in the body of the email or the name isn't familiar; and (c) it's not a holiday, a birthday, or any other occasion that might warrant a card. If the card requires that you install a special viewer or tries to download a file to your system, treat it like a trojan. Cancel the download and scan your system with up to date antivirus software. Be extra vigilant. If you receive a card from someone you know but you aren't quite sure it's legit, compose a new email to that person and ask if they sent you a card. Don't reply using the email you received - the From address just might be bogus. Typically, the bogus greeting cards try to trick you into downloading a trojan that then tries to download other malicious files to the system. Even worse, the trojan is often cross-infected with the Parite virus. One example of a cross-infected 'greeting card' trojan is Backdoor:IRC/Zapchast.AN. There are two victims with these greeting card scams - the user who fell for it and the legitimate greeting card company whose good name was used to trick that user. For example, there have recently been several reports of these scams pretending to be from the legitimate - and quite harmless - Bluemountain Greeting Cards site. This is not the first time Bluemountain has been caught in the crosshairs - in 1999 they were the victim of a virus hoax that also tried to discredit their name. |
|
Subject: RE: BS: greeting cards trojans virus warning From: Peace Date: 03 Jul 07 - 03:34 AM And just in time for July 4th. Thanks for the heads up, Cllr. |
|
Subject: RE: BS: greeting cards trojans virus warning From: SINSULL Date: 03 Jul 07 - 10:22 AM I have received several of these over the past two weeks. I deleted them because the title said "A friend has sent you a greeting". All my friends have better sense. Honestly, don't open anonymous emails. SINS |
|
Subject: RE: BS: greeting cards trojans virus warning From: JennyO Date: 03 Jul 07 - 10:23 AM A couple of days ago I got two, supposedly from AMERICAN GREETINGS, whoever they are. Needless to say, I didn't click on their links. It was interesting to see that hovering over the links showed something entirely different from what it said they were. |
|
Subject: RE: BS: greeting cards trojans virus warning From: The Fooles Troupe Date: 03 Jul 07 - 11:11 AM "hovering over the links showed something entirely different from what it said they were. " If your browser will do this, it is a dead set easy way to expose the fraud. |
|
Subject: RE: BS: greeting cards trojans virus warning From: JennyO Date: 03 Jul 07 - 11:53 AM Yes it is. I have a status bar at the bottom that shows any link I am hovering over, but I didn't think it was all that hard to come by. My browser is Firefox by the way. If I tick 'status bar' under 'view', it shows up. |
|
Subject: RE: BS: greeting cards trojans virus warning From: Liz the Squeak Date: 03 Jul 07 - 12:02 PM I got one too - this one was a 'postcard from a friend'... I didn't open it all the way though, so hopefully saved myself a virus. Thread creep... aren't 'Trojans' condoms in the US?? I thought they were supposed to prevent the spread of viruses.... LTS |
|
Subject: RE: BS: greeting cards trojans virus warning From: Folkiedave Date: 03 Jul 07 - 12:17 PM U usese Mailwasher, and find it indispensable. |
|
Subject: RE: BS: greeting cards trojans virus warning From: Ebbie Date: 03 Jul 07 - 12:38 PM Like y'all, I don't open any email where I don't recognize a name or when I'm expecting a response. The one type of spam that bemuses me is the one that says it's from 'No Name.' 'No Subject'. Just who would open something like that? |
|
Subject: RE: BS: greeting cards trojans virus warning From: Becca72 Date: 03 Jul 07 - 12:45 PM It's always been my understanding that you cannot get a virus simply by opening an email...you have to actually act in some way, like opening an attachment, following a link, or replying...but I could be wrong. In any case, I delete unrecognized emails as soon as they come in. I have Yahoo and they do a damned fine job of sorting out spam from regular mail and I can then delete the "junk" folder en masse without even looking at it. and Liz, dear...think trojan HORSE :-) Although I guess a condom could hide a bit of a surprise, too...hehe |
|
Subject: RE: BS: greeting cards trojans virus warning From: Jeri Date: 03 Jul 07 - 01:03 PM If you read e-mail in HTML (nice colors & fonts, embedded pictures) and scripting is enabled (not sure if it's all types of scripting), you can be infected. I don't see any need for all the bells and whistles in what is primarily meant for communication. I have my e-mail program set to read text only. Also, unless I know something's headed my way, if it takes too long to download, there's a possibility it's going to get deleted from the server without me seeing it. I've got a dial-up, and one or more megabytes of fru-fru is more than I'm willing to download. Also, just because it appears to come from someone you trust doesn't mean you can trust the e-mail. People who mass-mail irresistibly cute things can be fooled, or their e-mail address may have been previously collected by one of these trojans and it's not really from them. I know I'm just a bit paranoid, but it doesn't interfere with my life and I tend not to have problems with malware. |
|
Subject: RE: BS: greeting cards trojans virus warning From: JohnInKansas Date: 03 Jul 07 - 04:21 PM "hovering over the links showed something entirely different from what it said they were. " This is a good thing to watch for, and if it shows something different than expected it usually is something you don't want. Unfortunately, it isn't foolproof, because a J-script link generally will not be shown on the status bar, and can be crafted to do anything an html link can - and more. I deleted them because the title said "A friend has sent you a greeting". All my friends have better sense. Unfortunately, it appears that all of my "special friend's" relatives are total idiots. (I probably should limit that to "about this sort of thing," ... but I'm not sure...?) Every time one of them sends "her" a card, I deliver the lecture, she says "well I didn't know that," and then sends them back a "thank you for the card" card. One questions, at times, out tendency to love and care for dumb beasts. John |
|
Subject: RE: BS: greeting cards trojans virus warning From: Charley Noble Date: 03 Jul 07 - 04:34 PM Two of these "greetings" I received today were screened out as suspect by my SPAM service and I subsequently deleted them. Charley Noble |
|
Subject: RE: BS: greeting cards trojans virus warning From: Rapparee Date: 03 Jul 07 - 04:56 PM I don't open emails for cialis, viagra, home loans, any loans, lotteries I've won but don't remember entering, pleas to help move illegally obtained money out of another country, pleas to help move illegally obtained money out of THIS country, email cards from people I never heard of or which don't provide the name of the sender, emails in a language other than English, emails with odd subject lines, or anything else I find odd, strange, or different. Except for that nice man in San Diego who wants me to help him move several million pounds sterling to a bank in Idaho.... |
|
Subject: RE: BS: greeting cards trojans virus warning From: Liz the Squeak Date: 03 Jul 07 - 05:36 PM think trojan HORSE :-) Wasn't that designed to get the soldiers in and then let them out once they were in the 'town'? That doesn't work so well as an example... LTS |
|
Subject: RE: BS: greeting cards trojans virus warning From: Becca72 Date: 03 Jul 07 - 07:04 PM Sure it does, Liz. The virus comes in as a gift "horse"..something you want or something that appears friendly. But once you open it all the little soldier virus dudes swarm your 'puter and destroy....that's where they got the name for the type of virus. |
|
Subject: RE: BS: greeting cards trojans virus warning From: JohnInKansas Date: 03 Jul 07 - 08:48 PM The most common forms of malware currently being distributed do NOT NEED TO CONTAIN ANY VIRUS, WORM, or TROJAN (horse or otherwise). Most stuff being currently distributed relies on what's called "phishing" or "social engineering." Computerese is ignored, and the most vulnerable component - the nut in front of the keyboard - is attacked instead. The only usual requirement is that you "click something." The click can be intended simply to open a web page or open an email, but usually it's clicking a link on a page or in an email. The "click" that you do can be aliased so that it does something different than it's expected to do, or so that it does what's expected but does something in addition to what you see it doing. If the "click" tells your computer that you approved the installation of a program, the program will be installed, even if you didn't know you were giving your permission. Your computer MUST DO WHAT YOU TELL IT TO DO. The program does NOT NEED TO contain a virus, worm, or trojan in the usual sense. All it has to do is tell your computer to open a port. It can then connect to a malicious website, or it can just sit there with the port open and wait for the site to find it. The port can be used, by a malicious website, to install additional little programs to search the files on your machine, capture the keystrokes for everything you type, or to use your machine to send spam to others. Since those who use this kind of malware tend to the use of a few specific ports, every "bot-herder" on the web searches for machines with these ports open. The malware that gets delivered to you may not even come from the same source that tricked you into getting the opening, and/or you may get "little programs" from numerous sources. EVERYTHING that this kind of malware does, often is "perfectly normal computer operation" just as when you stick a CD into your drive, and Windows Media Player, or iTunes, or QuickTime, or (insert your "player" program) opens a port and makes a connection to retrieve the track information to tell you the details of what's on the disk (and to tell WMP/iTunes/QT/other what tunes you're playing, and whether it's an official/commercial/authorized/paid for disk). The only real defense against some of this is the common admonition: "DON'T BE STUPID." Sometimes, even that isn't enough. Newer AV and antimalware programs are learning to recognize some of the phising ploys and the sites that generate them. With latest patches, WinXP will, with proper settings, ask you for an independent "permission" to run any executable accessed on the web, or to turn on "unusual" permissions. A trivial example is the popup that asks if you want to "run or save" a file from a web source. I'm told that Vista goes a step further, in that even if you're running with Administrator privileges you're required to re-enter the Administrator password to approve any "program" installation or to perform any other "Adminstrator level" operation. This kind of malware is a main reason for it. For best protection, you need not only current AV/Adware/Spyware definitions, but should also have a reasonable current program version, since older versions still in use may not incorporate looking for these kinds of malware. But nothing helps if you are - accidentally or intentionally, or by nature - even a little bit: CARELESS / STUPID / OBLIVIOUS / OVERCONFIDENT / GULLIBLE / GREEDY / CURIOUS / UNLUCKY John |
|
Subject: RE: BS: greeting cards trojans virus warning From: Stilly River Sage Date: 04 Jul 07 - 01:48 AM That about covers it! |
|
Subject: RE: BS: greeting cards trojans virus warning From: Liz the Squeak Date: 04 Jul 07 - 01:54 AM Oh I get it for being a virus, just not for being a condom.... LTS |
|
Subject: RE: BS: greeting cards trojans virus warning From: Becca72 Date: 04 Jul 07 - 02:40 PM Well, the trojans were the big beefy manly dudes who made the horse, I guess... |
|
Subject: RE: BS: greeting cards trojans virus warning From: Liz the Squeak Date: 04 Jul 07 - 03:25 PM Glad to hear the horse was protected... LTS |
|
Subject: RE: BS: greeting cards trojans virus warning From: alanabit Date: 05 Jul 07 - 05:09 AM I usually write back to the address given as sender to ask for clarification. If I receive no reply - and I usually get a delivery failure notice - I delete the e-mails immediately. Thanks for the warning Cllr. I had deleted three such e-mails yesterday. |
|
Subject: RE: BS: greeting cards trojans virus warning From: Cats at Work Date: 05 Jul 07 - 06:08 AM We had 3 or 4 which arrived on Jon's birthday!!! What a coincidence. I opened one but it got caught and I've deleted the rest. |
|
Subject: RE: BS: greeting cards trojans virus warning From: GUEST,happychi Date: 10 Jul 07 - 09:36 PM Okay, maybe I'm an idiot. I usually NEVER open greeting cards or anything that I don't recognize the senders name but I guess I didn't have enough coffee that morning and OPENED it like an idiot! Now what do I do? I scanned my computer w/my anti-virus and deleted all my "temp files" from that day but how do I know I got rid of it? I just saw something on the news about it and I guess this trojan hi-jacks your computer and they can steal your idenity. YIKES! Help! |
