Browse » Home » Spam » “You’ve received A Hallmark E-Card!” Fake Email

“You’ve received A Hallmark E-Card!” Fake Email

Posted August 14, 2008 

I just received a Hallmark e-card from a friend.

!

Only, as usual, I right-clicked the links to in the email, and it turns out to pick up my card I have to visit not Hallmark.com, but http://legacymodels.com/images/funny.gif.exe. Which means that link downloads an executable file. Which means a program.

Which means a Trojan.

Friends don’t send friends Trojans.

Phishing emails disguised as e-cards are popular ways to get you to download a Trojan, which will likely spy on you and steal your ID, or turn your PC into a zombie that secretly spams other people.

Another day, another damn scam.

“You’ve received A Hallmark E-Card!” Fake Email Is Ugly

“You’ve received A Hallmark E-Card!” Fake Email

“You’ve received A Hallmark E-Card!” Fake Email Is Dumb

From: notifications@hallmark.com
Subject: You’ve received A Hallmark E-Card!
A Friend has sent you a Hallmark E-Card.

If you recognize this name, click the link to see your E-Card.
http://www.hallmark.com/ECardWeb/ECV.jsp?a=EG0694272732475M245925860Y&product_id=

If this name is not familiar to you and you’re concerned about online security, please use the following steps:

      Visit http://www.hallmark.com/getecard
      Enter your e-mail address in the Original Recipient.s E-Mail Address box.
      Enter EG0694262772475 in the Confirmation Number box.
      Click Display Greeting.

Want to send an E-Card too ? Visit www.hallmark.com/ecards

To view Hallmark’s privacy policy or for questions, visit www.hallmark.com, and click the links at the bottom of the page.

“You’ve received A Hallmark E-Card!” Fake Email Might Be a Phishing Email

WTF is a Phishing Email?

Phishing emails are fake emails sent by people trying to steal your financial information or identity. Phishing is just what it sounds like: only instead of someone fishing for fish, phishers are going after human catches.

Some phishing emails are disguised as charities looking for a donation after a big natural disaster, other phishing emails will look like an e-card you need to retrieve, but most phishing emails pretend to be from a big bank concerned about your account.

Now, let’s talk about…

Why Phishing Emails Suck

Phishing emails, like “You’ve received A Hallmark E-Card!” Fake Email, generally look authentic, but there are a few ways to realize they’re faker than a chest on a Playboy bunny.

  • Scare tactics: Most phishing emails will tell you that your financial account has been closed and you need to take immediate action to restore it. If you have reason to think an email like this is real, type your bank’s website address into your browser. Never click any of the links an email like this.
  • Fake hyperlinks: Phishing emails will show you a hyperlinked URL that, if you click it, sends you to a completely different website. It’s at this scam website–which may look pretty real except for the revealed URL–that phishers usually try to capture your login information.
  • Domain name forgery: Once you click this link and get taken to the phishing website, sometimes even then you can’t see the real URL of the site–it may be disguised with javascript to read like a trusted domain (for example, the phishers might use code to make your browser display www.trustedbank.co.uk, when you’re really visiting www.damnscam.co.uk/trustedbank-phishing.htm).
  • Images instead of text: Phishing emails sometimes use a graphic of text instead of actual words, so that they can bypass your spam detectors. Remember that pretty V1AGARA or C1ALIS picture you got recently?
  • Undisclosed recipients: The better phishing emails don’t make this mistake, but a lot of times phishing emails will spam a ton of people at once and leave the “To:” section reading “undisclosed recipients”–even though the email is supposed to address your account in particular.

Did “You’ve received A Hallmark E-Card!” Fake Email use these moves to try to scam you?

Popularity: 6% [?]

WTF? “You’ve received A Hallmark E-Card!” Fake Email?

Yep. Read more:

» “You’ve received A Hallmark E-Card!” Phishing Email
» “You’ve received A Hallmark E-Card!” Email (Again)
» Hallmark-gif1-exe
» “You have recieved A Hallmark E-Card” Phishing Email
» Hallmark.com Phishing Email

More in Spam »