E-card malware scam

Red Condor issued a warning about a new e-Card spam campaign that appears to come from American Greetings’ BlueMountain.com.

The email, with the subject line “You received a BlueMountain e-Card!,” suggests that users “need to install the Macromedia Flash Plug-in” to see the “complete version” of the e-Card.

The entire body of the email, which includes the header and footer of a legitimate Blue Mountain e-Card, is an executable. Clicking on any part of the messages launches a browser window, and depending on a user’s browser security settings, may download a virus automatically with only a single click.

The spam is being distributed by a botnet and has been aggressively targeting Internet Service Providers. The virus has also been identified as a banking Trojan.

“E-card scams are fairly common around the holidays, but there is a reason that spammers continue to return to their old tricks,” said Dr. Tom Steding, president and CEO of Red Condor. “People like e-cards and trust sites like BlueMountain.com. However, as we have seen in the prevalence of social media spam throughout this year, people need to be guarded about what they click on in their emails. Even though the email may appear legitimate, people should look for subtle things like spelling and grammar errors or if the embedded link will send them to some random web site.”