You got to give scammers credit where credit is due. This latest wave of e-card spam at least exhibits some imagination on the part of the sender:
At first it was from a friend, then a colleague, then a classmate; now it’s neighbors and worshippers sending you ecards. Good on them. I must confess I don’t worship that often, and I haven’t spoken to my neighbor since the Korean-funded mistress moved out from next door, so they’re not likely to dupe me. But they might dupe someone. (If I got one from from a Fellow Technology Columnist, I might bite.)
Which would be bad, because the links contain a variant of the Storm Trojan, according to Urban Legends, which will turn your computer into a zombie and do some scammer’s bidding.
All this must be really hurting what is left of the e-card greetings industry (when was the last time you received an e-card? A real one, I mean?) Indeed, a press release from the Greeting Card Association warning users about these scams offers advice to recipients that is so tortured it’s hard to imagine anyone would bother following it:
For consumers who are unsure if an e-card notice is legitimate, the Greeting Card Association recommends that they go directly to the publisher’s website to retrieve an e-card, rather than clicking on a link within the e-mail.
— Manually type the name of the card publisher’s website URL into your browser window.
— Locate the “e-card pick up” area on the publisher’s website.
— Take the card number or retrieval code information contained in the e-mail and enter it into the appropriate box or boxes on the publisher’s e-card pick-up area.
— If you are unable to retrieve the e-card, you will know the notification was a scam, and that it should be deleted.
Seriously. Who is going to do all that? My advice: if you care enough about the person, send them a real card. Or leave something on their Facebook wall.