It seems that there is an infector, not in the greeting card, but in the "flash player" update that the card site tells the recipient is needed to view the card. According to Alex's report in "Seen in the wild: Examle greeting card scam", if you install this fake flash player, you get two Haxdoor variants!
"We were able to access the website where the malware author is counting the installs done using this scam, and we see about 2,500 installs so far on this. Maybe not a large number, but that’s 2,500 users who may be facing a very unpleasant time."
Let's hope by alerting folks to this scam, 2,500 other users can avoid this nasty infection. If you get caught, go to one of the ASAP member sites for help. Better yet, stay safe. Just as we teach our children not to talk to strangers, don't open e-mails/e-cards from strangers.
No comments:
Post a Comment